Date: Tue, 29 May 2001 14:02:10 -0700 From: faSty <fasty@i-sphere.com> To: Liran Dahan <lirandb@netvision.net.il>, freebsd-security@FreeBSD.ORG Subject: Re: Syn+Fin (Setup) And TCP RST Message-ID: <20010529140207.A12246@i-sphere.com> In-Reply-To: <007501c0e881$c86a78a0$0101a8c0@cascade>; from veldy@veldy.net on Tue, May 29, 2001 at 03:56:07PM -0500 References: <010f01c0e888$5ab3c120$b88f39d5@a> <007501c0e881$c86a78a0$0101a8c0@cascade>
next in thread | previous in thread | raw e-mail | index | archive | help
I have TCP_DROP_SYNFIN and RST enabled on my server. I have no problem connection via telnet or any service. -trev On Tue, May 29, 2001 at 03:56:07PM -0500, Thomas T. Veldhouse wrote: > NO. I have those options in my kernel and I have no such trouble connecting > via telnet. > > Tom Veldhouse > veldy@veldy.net > > PS HTML is a bit inappropriate for a public mailing list. > > ----- Original Message ----- > From: Liran Dahan > To: freebsd-security@freebsd.org > Sent: Tuesday, May 29, 2001 4:43 PM > Subject: Syn+Fin (Setup) And TCP RST > > > I've added those 2 options in my kernel long time ago: > options TCP_DROP_SYNFIN #drop TCP packets with SYN+FIN > options TCP_RESTRICT_RST #restrict emission of TCP RST > > > Is this could be the reason why even when i add in my firewall to send RST > packets, it takes me 30 seconds till i get timeout of Connection refused > when i telneting my box on randomly closed ports.. ? > > And about TCP_DROP_SYNFIN .. is this could be one of the reasons 'setup' > command 'aint working on my ipfw? > > If my speculations are true... Why those kernel options are used for? > > Thanks, > > Liran Dahan (lirandb@netvision.net.il) > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010529140207.A12246>