--On Monday, August 12, 2002 09:07:20 -0700 Paul Jacobs
<paul@xxxxxxxxxxxxxxxxxx> wrote:
Why is it that after SUN'S new "TCP Hardening" patch and the 8+ new
services running on my box now that when you goto "Action Against
Detected Scans" and select "Log and Block" you get a message saying " if
you enable this option you will be open to
DOS attack's! ?.
Because if someone scans your box using forged source addresses, you will be
blocking the forged addresses, which just might happen to belong to your
customers. If they forge the IPs to be those of the relatively few AOL
proxies,
for example, then the scan could cause you to block everyone from AOL.
Frank
--
Frank Smith fsmith@xxxxxxxxxxx
Systems Administrator Voice: 512-374-4673
Hoover's Online Fax: 512-374-4501