Craig White wrote:
> 
> >
> > "J.L.Francois" wrote:
> > >
> > > Haven't seen this posted on the list yet:
> > >
> > > http://sendmail.net/?feed=000607linuxbug
> > >
> > > Be Afraid!
> > >
> > > Jean Francois Sends...
> > > President & CEO - MagusNet, Inc.,    MagusNet.com,
> > MagusNet.Gilbert.AZ.US
> > > Director Of Managed Services OpNIX,  http://www.opnix.com/
> > > ***********************Simply Better
> > Bandwidth****************************
> > > 602-770-JLF1 - Cellular, ICQ:  8137851
> > >
> > > _______________________________________________
> > > Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
> > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > Does this affect pople who do not allow services ouside??
> >
> > I am firewalling all ports for SYN packets.
> >
> > The Wolf
> > --
> Actually, my understanding is that this is a local exploit only...meaning
> that the firewall is not a factor.
> 
> Wouldn't blocking the return of all SYN packets prevent masquerading from
> working?
> 
> Craig
> 
> _______________________________________________
> Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


Not really.

I think only in ftp case it may be a factor.  But there is a workaround.


-- 
"The questions is not if we are paranoid, 
the question is if we are paranoid enough."