man, 2002-04-29 kl. 16:03 skrev Joe Patterson: > you're misreading that rule.
I'm not, you know. Actually, from what you say, I don't know whether you are writing about "his" rule or "my" rule. What "my" rule says, is: "If it's NEW, and if the SYN flag isn't set exclusively, then: a: Log it to prefix NEW-NOT-SYN:; b: Drop it. Alternatively, what "he" says is the basis of *many* stealth scans (like Xmas tree) and other nastiness, as I said. I've masses of documentation and someone far more talented than I am passed on this rule to me. Not to speak of Oskar Andreasson, who also says more or less the same in his tutorial :-) Tony -- Tony Earnshaw e-post: [EMAIL PROTECTED] www: http://www.billy.demon.nl gpg public key: http://www.billy.demon.nl/tonni.armor Telefoon: (+31) (0)172 530428 Mobiel: (+31) (0)6 51153356 GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981 3BE7B981
signature.asc
Description: Dette er en digitalt signert meldingsdel
