krishnamoorthy <[EMAIL PROTECTED]> wrote:
>
> u r sending a packet to some other destination, a hacker snoop that
> packet and find the source and destination address, now he send a
> packet from his system to u as the previous packets reply packet and
> also he sets on the 'ack' flag of that packet,

IP has no authentication mechanism. That means there is no way to
determine who sent a packet, other than looking at the source IP field.

> i want to deny that kind of packets but i have to accept the replied
> acknowledged packets sent from the destination system. what are all
> the rules i have to frame,(in iptables or ipchains)

If a hacker is able to craft a packet closely enough, then you will have
no choice but to believe that it is genuine. If a hacker can snoop all
of your packets like that, then you have lost.

-- 
[EMAIL PROTECTED] (Fuzzy Fox)      || "Good judgment comes from experience.
sometimes known as David DeSimone  ||  Experience comes from bad judgment."
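
The point made in the reply above, as an added example that is not part of the original mail and is not netfilter's or ipchains' code: a toy Python model of two inbound filter decisions applied to three constructed packets. The addresses, ports, sequence numbers, window size and function names are all assumptions made for the illustration.

```python
"""Toy model of an inbound TCP filter decision (illustration only)."""
from dataclasses import dataclass

WINDOW = 65535  # assumed receive window in bytes; 32-bit wraparound is ignored

@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    seq: int
    ack: int
    flags: frozenset

# Constructed state for one connection this host opened (documentation addresses).
CONN = {"local": ("192.0.2.10", 40000), "remote": ("198.51.100.5", 80),
        "snd_nxt": 1_000_500,   # next sequence number we will send
        "rcv_nxt": 7_000_200}   # next sequence number we expect from the peer

def flag_only(seg):
    """Stateless rule: accept any inbound segment with ACK set and SYN clear."""
    return "ACK" in seg.flags and "SYN" not in seg.flags

def stateful(seg, conn=CONN):
    """Accept only segments that fit the tracked connection's addresses and windows."""
    if (seg.src, seg.sport) != conn["remote"] or (seg.dst, seg.dport) != conn["local"]:
        return False
    in_window = 0 <= seg.seq - conn["rcv_nxt"] < WINDOW
    acks_sent_data = 0 <= conn["snd_nxt"] - seg.ack < WINDOW
    return flag_only(seg) and in_window and acks_sent_data

def reply(seq, ack, sport=80):
    """Build an inbound ACK that claims to come from the remote peer."""
    return Segment("198.51.100.5", sport, "192.0.2.10", 40000, seq, ack,
                   frozenset({"ACK"}))

SAMPLES = {  # constructed packets
    "genuine": reply(7_000_200, 1_000_500),
    "blind_spoof": reply(123_456, 999),             # forged source, guessed numbers
    "snooped_spoof": reply(7_000_200, 1_000_500),   # forged after reading real traffic
}

def verdicts():
    """Map each sample name to (flag_only verdict, stateful verdict)."""
    return {name: (flag_only(s), stateful(s)) for name, s in SAMPLES.items()}

if __name__ == "__main__":
    for name, (a, b) in verdicts().items():
        print(f"{name:14} flag_only={a} stateful={b}")
```

Tracking connection state separates the blind forgery from the genuine reply, but the forgery built from snooped traffic is field-for-field identical to the genuine one, so no rule that looks only at headers can tell them apart.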
