It's that easy to spoof UDP huh?
On Wed, 08 Dec 1999, Michael H. Warfield wrote:
> On Wed, Dec 08, 1999 at 09:27:58AM -0500, Raymond Popowich wrote:
>
> > I have found that the -atcp and -udp modes work best for me.
>
> Be very VERY careful with udp mode. If someone figures out that
> you are doing that, they can spoof in carefully crafted UDP scans (src
> address on UDP can be faked and spoofed) as if they were coming from
> something like all the root name servers, and you are then toast.
>
> I prefer to just block UDP except for tightly controlled services
> (ntp, dns) and only to specific routes. Then use portsentry for tcp.
>
> > On Tue, 7 Dec 1999, Steve wrote:
> >
> > >> I have cable access and set up a rh6.1 box as my router/firewall for my small
> > >> home network. I also installed portsentry to monitor any port scans. Could some
> > >> one please give me some advise as to which portsentry mode is best for my
> > >> application? Basic, Stealth or Advanced Stealth. I am real new to all this. Any
> > >> advise would be appreciated.
> > >>
> > >> TIA
> > >> Steve
> > >>
> >
> > -----
> > Raymond Popowich
> > [EMAIL PROTECTED]
> >
> >
> >
> > --
> > To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> > as the Subject.
>
> --
> Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
> (The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
