Re: Other possible protection against RST/SYN attacks (was Re: TCP RST attack

From: Mike Benjamin (mikeb_at_mikeb.org)
Date: 04/21/04

  • Next message: Devon H. O'Dell: "Re: [patch] Raw sockets in jails" 
    Date: Wed, 21 Apr 2004 14:41:26 -0700
To: Kevin Stevens <Kevin_Stevens@pursued-with.net>

    On Wed, Apr 21, 2004 at 02:16:31PM -0700, Kevin Stevens wrote:
    :
    : On Wed, 21 Apr 2004, [iso-8859-1] Dag-Erling Smørgrav wrote:
    :
    : > Mike Tancsa <mike@sentex.net> writes:
    : > I think the default ttl of 64 was an arbitrary choice. You would
    : > probably be fine using 32, but any lower than that and you would start
    : > having trouble crossing oceans.
    :
    : ?? Because of all the router buoys floating around??

    Because hosts overseas tend to cross a greater distance, and packets
    traveling greater distances tend to cross more routers. This is not
    the rule, just a generalization.

    It is invalidated in some cases by MPLS LSPs being configured not to
    decrement TTL, and in others by the src and dst being in the same ASN,
    and even others who have a limited number of POPs which creates huge
    distances without ever breaking out at a l3 device. But, the
    generalization is still correct in most cases.

    A trace from my connection in the US to an arbitrary host in Finland
    gives me 28 hops (across 4 ASNs).. that's awfully close to 32.

    --mikeb

    : KeS
    : _______________________________________________
    : freebsd-security@freebsd.org mailing list
    : http://lists.freebsd.org/mailman/listinfo/freebsd-security
    : To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

    --
    Mike Benjamin = mikeb@mikeb.org
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Devon H. O'Dell: "Re: [patch] Raw sockets in jails"