nanog mailing list archives
Re: Firewalls in service provider environments
From: Christopher Morrow <morrowc.lists () gmail com>
Date: Wed, 8 Feb 2012 10:01:33 -0500
On Wed, Feb 8, 2012 at 9:25 AM, Matthew Reath <matt () mattreath com> wrote:
Good point. Adding in an established entry, although may open you up for TCP/SYN sort of packets is a better trade off than affecting customer traffic.
'established' is explicitly NOT 'syn' ... maybe you meant 'ack flood' ? (or rst flood? or .... but certainly not syn flood)
Current thread:
- Firewalls in service provider environments Matthew Reath (Feb 07)
- RE: Firewalls in service provider environments Leigh Porter (Feb 07)
- RE: Firewalls in service provider environments Matthew Reath (Feb 07)
- Re: Firewalls in service provider environments William Herrin (Feb 07)
- Re: Firewalls in service provider environments Matthew Reath (Feb 07)
- Re: Firewalls in service provider environments Matt Buford (Feb 07)
- Re: Firewalls in service provider environments Matthew Reath (Feb 08)
- Re: Firewalls in service provider environments Christopher Morrow (Feb 08)
- Re: Firewalls in service provider environments Matthew Reath (Feb 08)
- Re: Firewalls in service provider environments Henry Yen (Feb 08)
- Re: Firewalls in service provider environments David Walker (Feb 09)
- RE: Firewalls in service provider environments Matthew Reath (Feb 07)
- RE: Firewalls in service provider environments Leigh Porter (Feb 07)
- RE: Firewalls in service provider environments George Bonser (Feb 07)
- Re: Firewalls in service provider environments Jared Mauch (Feb 07)
- Re: Firewalls in service provider environments Suresh Ramasubramanian (Feb 07)
- Re: Firewalls in service provider environments Steve Bertrand (Feb 07)