Dear list,
Certain firewalls (say a Cisco PIX, to name one) can protect a network
against certain attacks (say SYN flooding) by first establishing the TCP
protocol with the foreign host and only after successful TCP parameter
negotiation initiating the actual TCP connection to the client. [AFAIK,
the PIX (for example) even allows randomization of packet sequence numbers
(in the outbound direction) of the watched TCP connections.]
I'm under the impression that I cannot achieve protection against such
denial of service attacks with a Linux firewall. Could someone with more
experience with Linux firewalls please confirm that or better (of course!): send
me a pointer, URL, whatever to the program that allows me to establish
such protection.
Thanks in advance,
Michael.
--
Michael Weller: [EMAIL PROTECTED], [EMAIL PROTECTED],
or even [EMAIL PROTECTED] If you encounter an eowmob account on
any machine in the net, it's very likely it's me.
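
The handshake-proxying behaviour described in the message above, modelled as an added example (not part of the original post and not the PIX's or any Linux tool's code). The class and method names are hypothetical, tuples stand in for packets, and deriving the firewall's sequence number from an HMAC so that no state is kept per SYN is an assumption of this sketch.

```python
import hashlib, hmac, os

M = 2**32  # TCP sequence numbers wrap at 32 bits

class SynProxy:
    """Toy model of a handshake-proxying firewall; tuples stand in for packets."""
    def __init__(self, backend_isn=lambda: int.from_bytes(os.urandom(4), "big")):
        self.secret = os.urandom(16)
        self.backend_isn = backend_isn   # ISN the protected host would choose
        self.flows = {}                  # (src, sport) -> seq delta, set only after a valid ACK
        self.backend_connections = 0

    def _isn(self, src, sport, client_isn):
        # Assumption of this sketch: the firewall's ISN is an HMAC over the flow,
        # so it is unpredictable and nothing has to be stored per SYN.
        msg = f"{src}:{sport}:{client_isn}".encode()
        return int.from_bytes(hmac.new(self.secret, msg, hashlib.sha256).digest()[:4], "big")

    def on_syn(self, src, sport, client_isn):
        # The firewall answers itself; the protected host sees nothing yet.
        return {"flags": "SYN-ACK", "seq": self._isn(src, sport, client_isn),
                "ack": (client_isn + 1) % M}

    def on_ack(self, src, sport, seq, ack):
        fw_isn = self._isn(src, sport, (seq - 1) % M)
        if ack != (fw_isn + 1) % M:
            return False                 # handshake not completed: drop
        self.backend_connections += 1    # only now connect to the protected host
        self.flows[(src, sport)] = (self.backend_isn() - fw_isn) % M
        return True

    def to_foreign(self, src, sport, host_seq):
        # Rewrite the protected host's sequence number into the firewall's space.
        return (host_seq - self.flows[(src, sport)]) % M

def demo():
    fw = SynProxy()
    for i in range(1000):                # constructed SYNs whose senders never reply
        fw.on_syn(f"198.51.100.{i % 250}", 1024 + i, i)
    after_flood = fw.backend_connections
    sa = fw.on_syn("192.0.2.7", 40000, 5000)
    ok = fw.on_ack("192.0.2.7", 40000, 5001, (sa["seq"] + 1) % M)
    sb = fw.on_syn("192.0.2.8", 40001, 5000)
    bad = fw.on_ack("192.0.2.8", 40001, 5001, (sb["seq"] + 2) % M)
    return after_flood, ok, bad, fw.backend_connections, len(fw.flows)

if __name__ == "__main__":
    print(demo())
```

In the model, the unanswered SYNs leave no connection on the protected host; only the flow whose final ACK matches the firewall's sequence number is passed through, and its sequence numbers are rewritten from then on.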