|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: DoS, ICMP, proxies, SYNDefender
Tim Bass writes: > On the SYNDefender firewall..... if we are interested in > firewalls, then the 'elegant firewall solution' is, IMO, > to insure that our gateways send ICMP UNREACHABLE messages > back to the host. Then it is somewhat easy to do the > kernel checks to free SYN_REVC 'zombies' It would also make it easier to nuke vital network communications paths. Thanks, but I'll pass. Perry - - - - - - - - - - - - - - - - -
|