[Dshield] Is it true that Linux users do not fear Viruses and Trojans (+ some vital questions)
pacu at sympatico.ca
Sat Oct 12 18:11:05 GMT 2002
On Friday 11 October 2002 05:14 pm, Jens Knoell wrote:
> Except that this in itself leaves you open for a DoS attack. Imagine
> someone sending you forged "attack" packets which appear to come from, say,
> the root nameservers and any local nameservers that might serve your
> connection... poof, connection gone. Works like a charm against many many
> firewall+ids combos out there.
Sure, I'm not saying that I'm invulnerable to DoS or DDoS (who is?) but in this particular
case, it's all about making the good rules. My nameservers can't be blocked easily by
iptables but that doesn't stop IP spoofing anyway. Loosing my connection is much less
important than losing root.
More information about the list