On Tue, Sep 30, 2008 at 09:56:32AM +0200, Jeroen Ruigrok van der Werven wrote:
> -On [20080930 05:14], Rich Healey ([EMAIL PROTECTED]) wrote:
> >What do you BSD guys use for this purpose?
> 
> I actually use blockhosts, which is a Python solution you tie into
> hosts.allow.
> 
> http://www.aczoom.com/cms/blockhosts

In no way shape or form does this solve the problem of the attackers
being able to establish a TCP connection to you -- they are still tying
up sockets, mbufs, and extra network I/O (coming from you when you
respond and close the socket).

TCP wrappers are absolutely 100% worthless in this day and age.

-- 
| Jeremy Chadwick                                jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |

_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to