ian,
On Friday 16 November 2001 14:47, Ian C. Sison wrote:
> ipchains -L -M -n
thanks. the correct answer, i suspect, is man ipchains :).
> > or maybe that's the wrong question. better would be, how
> > would an attacker, ah, attack a box like that where there
> > are no open ports to connect to? i don't think "deny by
>
> Syn Floods, Ping floods, unless you deny icmp as well. If your
> kernel is old, ye old ping of death will do you..
i thought about that. but then i decided that if the kernel is
vulnerable (i.e., old) and (as in my setup), the firewall is not a
separate computer then the kernel will still get all those packets,
right? so when the ping of death comes, the box will die anyway
despite firewall icmp deny rules?
tiger
--
Gerald Timothy Quimpo [EMAIL PROTECTED] [EMAIL PROTECTED]
Entia non sunt multiplicanda praetere necessitatem
Mene sakhet ur seveh
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
