I'm ok. But it's maybe possible to block it with realsecure and opsec
configuration and block the source ip by example.
Can you give me your opinion.
Thanks
Lance Spitzner writes:
> On Wed, 14 Jun 2000, Frederic NAKHLE wrote:
>
> > I already test this attack and the result is that nobody can go
> > out/in the site.
> > At this moment i thing that the solution is to have a IDS like
> > realsecure snort. This ids can block this attack.
>
> Actually, no IDS can block the attack, the IDS can only detect the
> attack. The attack can the be blocked by an upstream rouer, or
> an additional filter such as Darren Reed's IPFilter. For more info,
> check out http://www.enteract.com/~lspitz/fwtable.html
>
> Hope that helps. :)
>
> lance
>
--
-----------------------------------------------
Frederic NAKHLE mailto:[EMAIL PROTECTED]
RISC Technology Europe http://www.risc.fr
Liste FireWall-1 RISC http://lists.risc.fr
APRIL http://www.april.org
Debian GNU/Linux http://www.debian.org
-----------------------------------------------
"Resistance is futile. Open your source code and prepare for assimilation."
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
