[wplug] users sending to wrong email address
Tom Rhodes
trhodes at FreeBSD.org
Thu Jan 3 19:22:41 EST 2008
On Fri, 4 Jan 2008 00:20:08 +0200
Alexandros Papadopoulos <apapadop at alumni.cmu.edu> wrote:
> On Thursday 03 January 2008 20:12, Christopher DeMarco wrote:
> <snip>
> > to timeout. I guess that one reason for silently dropping
> > connections, though, is to cost attackers time in portscanning. It's
> > a teergrube.
>
> ...which is a risk/cost worth taking. Slowing down illegitimate network
> traffic is the only first-responder action every node should perform and
> makes the life of legit connections marginally harder.
Tell that to someone fighting off an /i/ attack.
>
> The CPU hours wasted on nonexistent sockets are a very small price to pay for
> a few more minutes of Internet survivability against a flash worm.
A self inflicted DoS is definitely the wrong way to go. True, a
small band of kiddies could never drive your system to a
screetching halt; however, an extremely large group using something
like gigaload will definitely make your day miserable.
--
Tom Rhodes
More information about the wplug
mailing list