On Sun, Sep 23, 2001 at 02:08:40PM +1000, Sam Couter wrote:
> Karl E. Jorgensen <[EMAIL PROTECTED]> wrote:
> > Doesn't this leave you open to DOS attacks? I'm thinking that source IP
> > addresses are relatively easy to forge, and hence an attacher can forge
> > a nimda attach and cause you to block off legitimate IP addresses -
> > ie. your DNS server our default gateway...
>
> To forge a Nimda attack would require you to forge a TCP connection. That's
> not easy, unless the attacker is on the network path to the forged address.
Obvious, but true. I stand(/sit?) corrected.
> --
> Sam Couter | Internet Engineer | http://www.topic.com.au/
> [EMAIL PROTECTED] | tSA Consulting |
> OpenPGP key ID: DE89C75C, available on key servers
> OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C
--
Karl E. J�rgensen
[EMAIL PROTECTED]
www.karl.jorgensen.com
==== Today's fortune:
We don't know who it was that discovered water, but we're pretty sure
that it wasn't a fish.
-- Marshall McLuhan
PGP signature
