Re: Other possible protection against RST/SYN attacks (was Re: TCP RST attack

From: Gary Corcoran (garycor_at_comcast.net)
Date: 04/21/04

  • Next message: Don Lewis: "Re: [Full-Disclosure] IETF Draft - Fix for TCP vulnerability (fwd)" 
    Date: Wed, 21 Apr 2004 17:18:26 -0400
To: Charles Swiger <cswiger@mac.com>

    Charles Swiger wrote:

    > On Apr 21, 2004, at 4:14 PM, Mike Tancsa wrote:
    >
    >> What side effects if any are there? Why is the default 64 and not
    >> some other number like 255...
    >
    >
    > The default TTL gets decremented with every hop, which means that a
    > packet coming in with a TTL of 255 had to be sent by a directly
    > connected system. [ip_ttl is an octet, so it can't hold a larger TTL
    > value.]

    Huh? 255-- == 254, not 0. A TTL of 255 just allows the maximum possible
    number of hops, before being declared hopelessly lost.

    > A packet with a TTL of 64 could have been many hops away.

    As DES said in a later reply, 64 was probably just a reasonable,
    but arbitrary value. Whereas 255 would probably allow for several
    trips around the world, and would be overkill.

    Gary

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Don Lewis: "Re: [Full-Disclosure] IETF Draft - Fix for TCP vulnerability (fwd)"

    Relevant Pages