Full Disclosure mailing list archives
Re: Lets discuss, Firewalls...
From: "Ben Nelson" <lists () venom600 org>
Date: Sat, 30 Aug 2003 09:44:26 -0600
On August 29, 9:33 pm "Mike @ Suzzal.net" <mike () suzzal net> wrote:
Can you get to it? How?
Possibly. Source routed packets.
Do you still need a firewall? Why?
Yes. To block source routed packets. There may be a registry setting to not accept source routed packets on windows...I'm not sure. On linux you'd: echo 0 > /proc/sys/net/ipv4/conf/<interface>/accept_source_route Do that once for each interface on your box. Another reason to have a firewall is to limit outbound traffic. Say you click on an email file attachment ( i.e. a really 'wicked' screensaver ;) and your box gets infected with some worm. Do you really want your box to be able to advertise to the world that it's infected....and possibly infect other boxes? --Ben _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Lets discuss, Firewalls... Mike @ Suzzal.net (Aug 29)
- Re: (SPAM?) Lets discuss, Firewalls... Jim Race (Aug 29)
- Re: (SPAM?) Lets discuss, Firewalls... Manfred Schmitt (Aug 30)
- Re: Lets discuss, Firewalls... Michael Scheidell (Aug 30)
- Re: Lets discuss, Firewalls... Ben Nelson (Aug 30)
- Re: Lets discuss, Firewalls... Valdis . Kletnieks (Aug 31)
- Re: (SPAM?) Lets discuss, Firewalls... Jim Race (Aug 29)