Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Livingston bugs...
From: lyonsm () netbistro com (Mike A Lyons)
Date: Tue, 12 Sep 1995 14:02:41 -0700

On Tue, 12 Sep 1995, Jay 'Whip' Grizzard wrote:

ObBugTraq: Apparently (at least, under limited testing), putting up a filter
to prevent folks from getting to your login port from the outside world
will protect you -- Except I don't _want_ to have to start filtering things
out, and in some circuimstances (backbone routers, etc), it's not exactly
a viable option. Do YOU want to have the bandwith of several T1's all
running through a filter before they get off the router? No, thanks...

Unless you can cite any actual benchmarks that demonstrate measurably
lower throughput when filters are in use I would be inclined to dismiss
this particular objection as uninformed speculation.  Packet filtering
based on specific, concisely encoded rules is a relatively old and fairly
well understood problem, and I doubt the additional overhead would be
significant at even the T1 level.. especially for a filter as simple as
Livingston's recommended work-around.

If you are having trouble setting up your filters (it's well known that
that section of the manual is clear as mud) querying Livingston technical
support, or the portmaster-users mailing list, would likely be of more
help to you and the rest of the world than spreading misinformation.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]