9 Apr
2004
9 Apr
'04
5:33 p.m.
Frank Sweetser <fs@WPI.EDU> writes:
That doesn't always work. Not all of these attacks require that the packet sent to your machine be sent to what your machine believes is the broadcast address for your subnet.
True. I suppose some simple rate limiting would do the trick for this as a general solution... (-m limit --limit 2/second type thing)
Think of it this way. Would you leave your back door unlocked and open just because you've only seen people come in and out of the front door?
Well, we are talking about ping here. -- Josh Huber