Re: FreeBSD Security Advisory FreeBSD-SA-14:08.tcp

看板FB_security作者時間11年前 (2014/05/04 02:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串19/21 (看更多)
On Sat, 3 May 2014 01:25:40 -0400, Garrett Wollman wrote: > <<On Sat, 3 May 2014 13:53:44 +1000 (EST), Ian Smith <smithi@nimnet.asn.au> said: > > > I've always allowed frags, as per the example rulesets in rc.firewall. > > I only recall seeing them on DNS responses from zen.spamhaus.org, where > > I see plenty of these after a resetlog before the logging limit kicks > > in. I doubt I'd be getting rid of ~90% of incoming spam without; eg: > > Blocking inbound fragments will definitely screw you when you try to > use DNSsec. Thanks to you and Darren; more grist for mending the Handbook ipfw page, likely why some people have been perhaps ill-advisedly dropping frags. cheers, Ian _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 smithi. 的文章
文章代碼(AID): #1JPIxYtq (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 19 之 21 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共21篇)
更多 smithi. 的文章
文章代碼(AID): #1JPIxYtq (FB_security)