Date: Wed, 30 May 2001 15:49:02 +0200 From: "Liran Dahan" <lirandb@netvision.net.il> To: <freebsd-security@freebsd.org> Subject: Re: Syn+Fin (Setup) And TCP RST Message-ID: <000b01c0e90f$49604100$b88f39d5@a> References: <010f01c0e888$5ab3c120$b88f39d5@a> <200105291052100670.246E525C@smtp> <012601c0e88c$3e6efb20$b88f39d5@a> <3B141E8A.5AC7E84E@globalstar.com> <000801c0e897$11f2bb80$b88f39d5@a> <20010530135251.A10210@hades.hell.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
About paranoid hosts.allow, you right :) But my DNS Server never timed out on me :P (I run my own DNS Server) ----- Original Message ----- From: "Giorgos Keramidas" <keramidi@otenet.gr> To: "Liran Dahan" <lirandb@netvision.net.il> Cc: <freebsd-security@freebsd.org> Sent: Wednesday, May 30, 2001 12:52 PM Subject: Re: Syn+Fin (Setup) And TCP RST > On Wed, May 30, 2001 at 01:28:30AM +0200, Liran Dahan wrote: > > I checked the rules order, its ok...But something strange.. > > I've added rule like: ipfw add 1 reset tcp from any to any 100-200 , and i > > have daemon running on port 110, i telneted it and i got connection refused > > after 2 secs..(even when i have TCP_RESTRICT_RST Enabled - Via sysctl and > > Kernel), But when i telneted the other ports (that arent running daemons - > > Closed ports), it took about 30 seconds till i got connection refused - or > > it was connection timeout (i did it from windows telnet). > > Why do I have the strange feeling that you have PARANOID enabled in your > hosts.allow for telnet connections and some DNS server times out on you? > > --giorgos > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000b01c0e90f$49604100$b88f39d5>