Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Server blocks access of IP after nmap scan

From: Todd Haverkos <infosec () haverkos com>
Date: Fri, 20 May 2011 09:11:50 -0500
amon.amarth9 () gmail com writes:


Nice explained. Anyway, the problem is that although this can be
effective defense structure, when not configured properly it can
block legitimate users too. 


Indeed.  

For example, what if the attacker decides to spoof traffic pretending
to be from... oh, the IP's of the 13 root dns servers? 

The misconfigured environment would then suddenly have one hell of a
time resolving new DNS queries.  So, care must be taken for such
defenses. 

Nmap's idle scan rules for this sort of thing.  Finding good idle
zombies becomes the fun.

--
Todd Haverkos, LPT MsCompE
http://haverkos.com/

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: