thr3ads.net - Shorewall users - [Shorewall-users] General question [Nov 2003]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Kenneth Grande

2003-Nov-06 07:59 UTC

[Shorewall-users] General question

I have been doing some attack attempts on my fws and they all seem to
not discard TCP SYN packets which have the FIN flag set.
Is there a way to configure shorewall to dicard these packages?

Should I worry?

Best Regards,
Kenneth.

Tom Eastep

2003-Nov-06 08:23 UTC

head link

[Shorewall-users] General question

> I have been doing some attack attempts on my fws and they all seem to
> not discard TCP SYN packets which have the FIN flag set.
> Is there a way to configure shorewall to dicard these packages?
>
>
If you set the ''tcpflags'' option on the interface you are
testing to,
SYN,FIN should be dropped. Are you saying that you don''t think this is
happening?

-Tom
-- 
Tom Eastep     \ Nothing is foolproof to a sufficiently talented fool
Shoreline       \ http://www.shorewall.net
Washington, USA  \ teastep@shorewall.net

Shorewall users - Nov 2003 - General question

[Shorewall-users] General question

[Shorewall-users] General question