The intent wasn't to be 100% secure. It was to really slow down the script kiddies that were clogging my server logs.
As for IP spoofing: spoofing an IP packet source address is really easy, which is why blocking DDoS attacks can be difficult. However, if you want to have an actual two-way conversation with a computer you have to find a third host that supports loose source routing (any older windoze box will do). Most infrastructure routers on the net drop/block packets with source route options, so spoofing the source IP of a TCP conversation is not generally practical over the internet.

-Tad

> -----Original Message-----
> From: Matan Peled [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 06, 2005 1:14 AM
> To: [email protected]
> Subject: Re: [gentoo-security] [OT?] automatically firewalling off IPs
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Tad Glines wrote:
> > These rules only block out the offending IP. All others remain unblocked.
>
> IP spoofing. It isn't that far-fetched, really...
>
> - --
> [Name      ] :: [Matan I. Peled    ]
> [Location  ] :: [Israel            ]
> [Public Key] :: [0xD6F42CA5        ]
> [Keyserver ] :: [keyserver.kjsl.com]
> encrypted/signed plain text preferred
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (GNU/Linux)
>
> iD8DBQFDRNy9A7Qvptb0LKURAhauAJ9eAx9RhXOGfWz2h6BX122ULW1JGgCfTEyT
> v+4I9OQxcEWAuuqYenD+ejk=
> =PQtc
> -----END PGP SIGNATURE-----
>
> --
> [email protected] mailing list

--
[email protected] mailing list
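The handshake argument in Tad's reply, as an added example that is not part of the thread: a toy simulation of a spoofed TCP three-way handshake. It assumes nothing real (no sockets; the 10.0.0.x addresses, the server's random ISN, and the loose-source-route handling in which each hop records itself and the reply follows the reversed record are simplified stand-ins). The attacker claims the victim's address as source; without seeing the server's SYN-ACK it cannot know the ISN to acknowledge, and the real victim resets the half-open connection. Only when a relay honours loose source routing, the attacker lists itself as a hop, and nothing in between drops source-routed packets does the reply come past the attacker and the handshake complete.

```python
"""Toy model of why a spoofed source suffices for a flood but not for a TCP conversation.

Added example, not code from the original thread.  All hosts, addresses and the
loose-source-route (LSRR) mechanics below are simplified, in-memory stand-ins.
"""
import random
from dataclasses import dataclass, field


@dataclass
class Packet:
    src: str                 # claimed source address (freely spoofable)
    dst: str
    flags: str               # "SYN", "SYN-ACK", "ACK" or "RST"
    seq: int = 0
    ack: int = 0
    route: list = field(default_factory=list)   # LSRR: hops still to visit
    record: list = field(default_factory=list)  # hops visited; reversed for replies


class Network:
    """Delivers packets; optionally acts like core routers that drop LSRR packets."""

    def __init__(self, drop_source_routed):
        self.drop_source_routed = drop_source_routed
        self.hosts = {}

    def attach(self, host):
        self.hosts[host.addr] = host
        host.net = self

    def deliver(self, pkt):
        if self.drop_source_routed and (pkt.route or pkt.record):
            return                                   # dropped in transit
        nxt = pkt.route[0] if pkt.route else pkt.dst
        self.hosts[nxt].receive(pkt)


class Host:
    def __init__(self, addr, forwards_source_routes=False):
        self.addr, self.forwards_source_routes, self.net = addr, forwards_source_routes, None

    def receive(self, pkt):
        if pkt.route and pkt.route[0] == self.addr:  # we are a transit hop
            if not self.forwards_source_routes:
                return                               # modern host: ignores LSRR, packet dies
            pkt.route.pop(0)
            pkt.record.append(self.addr)
            self.net.deliver(pkt)
        elif pkt.dst == self.addr:
            self.handle(pkt)

    def handle(self, pkt):
        pass


class Server(Host):
    """Minimal listener: SYN -> SYN-ACK with random ISN; ACK must carry ISN+1."""

    def __init__(self, addr, seed):
        super().__init__(addr)
        self.rng, self.pending, self.established = random.Random(seed), {}, set()

    def handle(self, pkt):
        if pkt.flags == "SYN":
            isn = self.rng.randrange(1, 2 ** 32)     # never 0, so a guess of ISN=0 always fails
            self.pending[pkt.src] = isn
            self.net.deliver(Packet(self.addr, pkt.src, "SYN-ACK", seq=isn, ack=pkt.seq + 1,
                                    route=list(reversed(pkt.record))))
        elif pkt.flags == "RST":
            self.pending.pop(pkt.src, None)          # real owner of the address tore it down
        elif pkt.flags == "ACK" and pkt.ack == self.pending.get(pkt.src, -1) + 1:
            self.established.add(pkt.src)


class Victim(Host):
    """Ordinary host: a SYN-ACK it never asked for gets a RST back."""

    def handle(self, pkt):
        if pkt.flags == "SYN-ACK":
            self.net.deliver(Packet(self.addr, pkt.src, "RST", route=list(reversed(pkt.record))))


class Attacker(Host):
    """Forwards its own source-routed packets and grabs any SYN-ACK routed past it."""

    def __init__(self, addr):
        super().__init__(addr, forwards_source_routes=True)
        self.captured = []

    def receive(self, pkt):
        if pkt.flags == "SYN-ACK":
            self.captured.append(pkt)                # reply passes through us; keep it
        else:
            super().receive(pkt)


def spoof_handshake(drop_source_routed, use_source_route, relay_honours_lsrr=True, seed=1234):
    """Attacker 10.0.0.9 tries to connect to 10.0.0.1 claiming to be 10.0.0.2.
    Returns True if the server ends up believing 10.0.0.2 completed the handshake."""
    net = Network(drop_source_routed)
    server, victim = Server("10.0.0.1", seed), Victim("10.0.0.2")
    relay, attacker = Host("10.0.0.3", relay_honours_lsrr), Attacker("10.0.0.9")
    for h in (server, victim, relay, attacker):
        net.attach(h)
    # Attacker lists itself as a hop so the reversed route brings the reply back past it.
    route = [attacker.addr, relay.addr] if use_source_route else []
    net.deliver(Packet(victim.addr, server.addr, "SYN", seq=1000, route=list(route)))
    isn = attacker.captured[0].seq if attacker.captured else 0   # 0 = blind guess
    net.deliver(Packet(victim.addr, server.addr, "ACK", seq=1001, ack=isn + 1, route=list(route)))
    return victim.addr in server.established


if __name__ == "__main__":
    print("blind spoof:", spoof_handshake(True, False))                      # False
    print("LSRR, permissive net:", spoof_handshake(False, True))             # True
    print("LSRR, routers drop it:", spoof_handshake(True, True))             # False
    print("LSRR, relay ignores it:", spoof_handshake(False, True, False))    # False
```

The four runs map onto the reply: a blind spoof never sees the ISN (and the real 10.0.0.2 resets the connection), the source-routed path works only when both the relay honours LSRR and the routers let it through, and either a filtering router or a relay that ignores the option leaves the attacker with a one-way flood and nothing more.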
