Date: Tue, 29 May 2001 16:31:33 -0500 From: Ryan <ryanpek@swbell.net> To: freebsd-security@freebsd.org Subject: Re: Syn+Fin (Setup) And TCP RST Message-ID: <002001c0e886$c440b2d0$45d8db40@mhx800> References: <010f01c0e888$5ab3c120$b88f39d5@a>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format.
------=_NextPart_000_0017_01C0E85C.D27B11D0
Content-Type: text/plain;
charset="windows-1255"
Content-Transfer-Encoding: quoted-printable
once again.. use ssh2
its alot safer!
----- Original Message -----=20
From: Liran Dahan=20
To: freebsd-security@freebsd.org=20
Sent: Tuesday, May 29, 2001 4:43 PM
Subject: Syn+Fin (Setup) And TCP RST
I've added those 2 options in my kernel long time ago:
options TCP_DROP_SYNFIN #drop TCP packets with SYN+FIN
options TCP_RESTRICT_RST #restrict emission of TCP RST =
=20
Is this could be the reason why even when i add in my firewall to send =
RST packets, it takes me 30 seconds till i get timeout of Connection =
refused when i telneting my box on randomly closed ports.. ?=20
And about TCP_DROP_SYNFIN .. is this could be one of the reasons =
'setup' command 'aint working on my ipfw?
If my speculations are true... Why those kernel options are used for?
Thanks,
Liran Dahan (lirandb@netvision.net.il)
------=_NextPart_000_0017_01C0E85C.D27B11D0
Content-Type: text/html;
charset="windows-1255"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dwindows-1255">
<META content=3D"MSHTML 5.50.4522.1800" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT size=3D2>once again.. use ssh2</FONT></DIV>
<DIV><FONT size=3D2>its alot safer!</FONT></DIV>
<DIV> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV=20
style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
<A title=3Dlirandb@netvision.net.il =
href=3D"mailto:lirandb@netvision.net.il">Liran=20
Dahan</A> </DIV>
<DIV style=3D"FONT: 10pt arial"><B>To:</B> <A =
title=3Dfreebsd-security@freebsd.org=20
=
href=3D"mailto:freebsd-security@freebsd.org">freebsd-security@freebsd.org=
</A>=20
</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Tuesday, May 29, 2001 =
4:43 PM</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Subject:</B> Syn+Fin (Setup) And =
TCP=20
RST</DIV>
<DIV><BR></DIV>
<DIV><FONT face=3DArial size=3D2>
<DIV><FONT face=3DArial size=3D2>I've added those 2 options in my =
kernel long time=20
ago:</FONT></DIV>
<DIV><FONT face=3DArial=20
size=3D2>options =20
TCP_DROP_SYNFIN #drop =
TCP=20
packets with=20
SYN+FIN<BR>options =20
TCP_RESTRICT_RST #restrict =
emission=20
of TCP RST =
</FONT></DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Is this could be the reason why even =
when i add=20
in my firewall to send RST packets, it takes me 30 seconds till i get =
timeout=20
of Connection refused when i telneting my box on randomly closed =
ports.. ?=20
</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>And about TCP_DROP_SYNFIN .. is this =
could be one=20
of the reasons 'setup' command 'aint working on my ipfw?</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>If my speculations are true... Why =
those kernel=20
options are used for?</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Thanks,</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial=20
size=3D2> Liran =
Dahan (<A=20
=
href=3D"mailto:lirandb@netvision.net.il">lirandb@netvision.net.il</A>)</F=
ONT></DIV></FONT></DIV></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_0017_01C0E85C.D27B11D0--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002001c0e886$c440b2d0$45d8db40>