Re: Other possible protection against RST/SYN attacks (was Re: TCP RST attack

From: Gary Corcoran (garycor_at_comcast.net)
Date: 04/22/04

  • Next message: Bill Fumerola: "Re: Other possible protection against RST/SYN attacks (was Re: TCP RST attack"
    Date: Wed, 21 Apr 2004 18:10:30 -0400
    To: Gary Corcoran <garycor@comcast.net>, freebsd-security@freebsd.org
    
    

    > In any event, it still seems like a TTL of 255 is overkill for this application...

    Unless, of course, you want to only accept packets with TTL
    of 255. This might be fine when both ends are setup to work
    this way. But it might break general interoperability...

    Gary

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"


  • Next message: Bill Fumerola: "Re: Other possible protection against RST/SYN attacks (was Re: TCP RST attack"

    Relevant Pages

    • Re: Other possible protection against RST/SYN attacks (was Re: TCP RST attack
      ... At 06:10 PM 21/04/2004, Gary Corcoran wrote: ... >Unless, of course, you want to only accept packets with TTL ... To unsubscribe, ...
      (FreeBSD-Security)
    • Re: How to find out client physical location?
      ... It'd be somewhat easier if you had security setup for it, ... something like Ethereal to sniff the packets. ... There is also the "problem with the network, ...
      (alt.internet.wireless)
    • Re: FreeBSD 7, bridge, PF and syn flood = very bad performance
      ... I am using pf from 7.0-RELEASE FreeBSD 7.0-RELEASE ... FW Setup: As Bridge ... But the other thing we setup with PF is Altq. ... the CPU load goes high it drops heaps of packets. ...
      (freebsd-current)
    • Re: current-mode opamps
      ... when you screw the TTL logic with wrong level you screw your ... packets transmitted, 5 packets received, 0% packet loss ... % This is the RIPE Whois query server #1. ... mnt-routes: INET-NOC ...
      (sci.electronics.design)
    • Re: Packet filters
      ... > nature so I need to setup a firewall on the management interface. ... > handling any of the packets on the second interface. ...
      (freebsd-questions)