|
If you put any server directly onto the internet you are asking for trouble. Now if you have a firewall, it SHOULD be configured to randomize packet headers thus preventing the attach they are talking about. Trying to secure individual server is way too much work. It is easiest to secure you entire network with a firewall. Now if they were testing IBM AS400 Firewall product and you are running that, then I would reconsider a new firewall product. What they were testing is somewhat unclear. Christopher K. Bipes mailto:Chris.Bipes@Cross-Check.com Operations & Network Mgr mailto:Chris_Bipes@Yahoo.com CrossCheck, Inc. http://www.cross-check.com 6119 State Farm Drive Phone: 707 586-0551 x 1102 Rohnert Park CA 94928 Fax: 707 586-1884 -----Original Message----- From: James Rich [mailto:james@eaerich.com] I just read an interesting paper on IP spoofing. Several systems were tested for their TCP/IP sequence number generators and randomness. It was discovered that insufficiently random TCP/IP sequence numbers result in easy IP spoofing and other attacks (see CERT Advisory CA-2001-09 for more). OS/400 was included in the study and found to be very lacking. Can someone comment on what this means in terms of securing a site?
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
