[SOVED]firewall-sinexeias
Christos Ricudis
ricudis at komodino.itc.auth.gr
Fri Nov 18 15:24:26 EET 2005
Alex Chontzopoulos wrote:
>Oi gnomes diistantai ... :-)
>
>Apo tin mia exeis dikio(Legitimate Users) kai apo tin alli exeis adiko
>(Hostile users)....
>
>As min to analisoume edw kalutera
>
>
Epimenw.
Dexesai me tyflh pisth oti OPOIADHPOTE plhroforia, boh8aei ton hostile
user. Merikes fores h apwleia plhroforias periexei h idia plhroforia -
sth sygkekrimenh periptwsh, to DROP eidopoiei ton hostile user oti
YPARXEI ena filtro to opoio kobei KATI poy endexomenws na exei
"endiaferon" gi' ayton.
Ena "REJECT" reply anti8etws, isodynamei me thn default symperifora enos
TCP socket sto opoio den akouei kanenas : ECONNREFUSED.
Mporw na fantastw mono tria senaria sta opoia to DROP yperterei tou
REJECT ws pros ayto to shmeio :
1) Apotrepei dynhtika DoS attacks
2) Apotrepei dynhtika timing-based attacks (xwris na eimai apolyta
sigouros gi ayto)
3) Epiballei ston hostile user na perimenei kapoio xroniko diasthma
mexri na diapistwsei oti den tou hr8e apanthsh.
--
Christos Ricudis ricudis at itc.auth.gr
Systems Administrator +30-2310-998656
IT Support Center
Aristotle University of Thessaloniki, GREECE
More information about the Linux-greek-users
mailing list