Hi,

On Tue, 2003-12-09 at 19:01, John A. Sullivan III wrote:
> > > echo 1 > /proc/sys/net/ipv4/tcp_syncookies -- if you have not compiled
> >
> > Is that valid for forwarded packets? or only destined to the firewall?

This is valid only for local packets.

> We have avoided using these /proc settings for just that concern - that
> they are mostly for the gateway itself and not for the devices being
> protected by it whether it is anti-spoofing with rp_filter or protecting
> against syn_floods. Is this assumption of ours true? Thanks, all - John

Actually it depends. Most just concern local packets, but rp_filter and accept_source_route, for example, test for all packets.

Cheers,

Ralf
-- 
Ralf Spenneberg
RHCE, RHCX

Book: VPN mit Linux
Book: Intrusion Detection für Linux Server

http://www.spenneberg.com
IPsec-Howto http://www.ipsec-howto.org
Honeynet Project Mirror: http://honeynet.spenneberg.org