Jon Galt on Wed, 27 Feb 2002 02:50:12 +0100
On Tue, 26 Feb 2002, Mike Leone wrote:

> I can open ports on my firewall, but not have daemons listening on those ports, nor forwarded to any other machine.

And what level of hardware or software rejects traffic when a port is closed?

> > Denial of Service, I assume that means. Which situation would allow DOS:
>
> Yep.
>
> > having the port closed, or open but not listened to? I would think the
> > former, but I'm not sure yet that I know what "closed" means.
>
> Well, consider: whether or not a port is open, or listened to, or whatever ... if I decide to send 400 million packets at you, on port 53, say ... unless you have some upstream way of blocking those packets, your line is going to be flooded with incoming packets. Nothing else will be able to get in (effectively speaking), nor can you get out, because your bandwidth is being chewed up by all those incoming packets. Even if you're not processing them, they're still coming in..

Ok, that makes sense. And it seems to apply whether the port is opened or closed, listened to or not...?

Wayne

______________________________________________________________________
Philadelphia Linux Users Group - http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion - http://lists.phillylinux.org/mail/listinfo/plug