...on Tue, Mar 27, 2001 at 12:26:32AM +0200, Alexander Bochmann wrote:
> (On another note, at least with 6.5, if spoofing protection
> isn't activated and configured correctly on the internal
> interfaces, you can also flood the internal network with
> packets generated by the firewall as answer to (spoofed)
> packets on the outside interface - if you know the networks
> used internally.)
*ugh* yes, that was a dumb remark :(
Yes, I know it's in the docs, and I know it was changed from
"good practice" to "strongly recommended" somewhere between
5.0 and 6.5.
Alex.