SPF

Discussion in 'LnS English Forum' started by shadek, Mar 20, 2008.

Thread Status:
Not open for further replies.
  1. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    When I install LnS and activate the SPF-feature, do I need to import the raw rules posted in this forum? Activating the SPF-feature should tighten the security, right?
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    When you just enable the SPF-Feature, only the TCP SPF is enabled (and packet not belonging to a valid TCP connections are blocked).

    The other SPF rules are for connectionless protocols (ARP, ICMP, UDP). With these rules an incoming packet will be accepted only if the PC has sent first a packet, and both packets have to match (a control is made on hearders or contents).
    A typical case is the ping. By default, standard rulesets accept all incoming ping responses. With the SPF ICMP Echo rule, a ping response is accepted only if the PC has sent first a ping request.

    Regards,

    Frederic
     
    Last edited: Mar 22, 2008
  3. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    Thank you for that information. :)
     
Thread Status:
Not open for further replies.