Article:   OpenBSD PF Developer Interview
Subject:   questions of the bridge
Date:   2004-06-22 22:09:42
From:   F.B
Response to: questions of the bridge

If you install 3.5 you could limit the number of states by src IP. I think this could work if they don't use random spoofed src IPs.

  • questions of the bridge
    2004-06-22 23:15:11  xiyang

    Two problems:
    1) It is random(), so the method of limiting the number of states by src IP may not be effective.
    2) I had used the function in FreeBSD 4.10, but the attacker could stuff your stack (net.inet.ip.fw.dyn_count) immediately, and syslogd reports "too many dyn rules..", so you must increase net.inet.ip.fw.dyn_max, like this:
    sysctl -w net.inet.ip.fw.dyn_max=32768
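
The trade-off discussed in this thread, as an added example that is not part of either post and is not PF or ipfw code: a toy state table with a per-source cap and a global maximum, fed first by one fixed source and then by randomized sources. The addresses, packet counts and the limits 100 and 4096 are constructed; 32768 is the value from the post above.

```python
import random

def simulate(sources, per_src_limit, table_max):
    """Offer one new-connection packet per entry in `sources` to a toy
    state table. Returns (states_created, refused_by_src_cap, refused_table_full)."""
    per_src = {}
    created = by_src_cap = by_table_full = 0
    for src in sources:
        if per_src.get(src, 0) >= per_src_limit:
            by_src_cap += 1       # per-source cap: only this source is refused
        elif created >= table_max:
            by_table_full += 1    # global limit: every new client is refused
        else:
            per_src[src] = per_src.get(src, 0) + 1
            created += 1
    return created, by_src_cap, by_table_full

def fixed_source(n):
    # Constructed input: every packet carries the same source address.
    return ["198.51.100.7"] * n

def random_sources(n, seed=1):
    # Constructed input: a fresh pseudo-random source address per packet.
    rng = random.Random(seed)
    return [f"10.{rng.randrange(256)}.{rng.randrange(256)}.{rng.randrange(256)}"
            for _ in range(n)]

def report():
    cases = [
        ("fixed source, max 4096", fixed_source(20000), 4096),
        ("random sources, max 4096", random_sources(20000), 4096),
        ("random sources, max 32768", random_sources(40000), 32768),
    ]
    return {name: simulate(pkts, 100, table_max) for name, pkts, table_max in cases}

if __name__ == "__main__":
    for name, (created, by_src_cap, by_table_full) in report().items():
        print(f"{name:27} states={created:6} src-cap refusals={by_src_cap:6} "
              f"table-full refusals={by_table_full:6}")
```

With a fixed source the per-source cap does all the refusing and the table stays nearly empty; with randomized sources the cap never triggers and the global maximum becomes the only limit, at whatever value it is set to.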