From owner-freebsd-security@FreeBSD.ORG  Wed Apr 21 09:55:39 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 14C5B16A4CE
	for <freebsd-security@FreeBSD.org>;
	Wed, 21 Apr 2004 09:55:39 -0700 (PDT)
Received: from gw.celabo.org (gw.celabo.org [208.42.49.153])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BCD7143D66
	for <freebsd-security@FreeBSD.org>;
	Wed, 21 Apr 2004 09:55:38 -0700 (PDT)
	(envelope-from nectar@celabo.org)
Received: from localhost (localhost [127.0.0.1])
	by gw.celabo.org (Postfix) with ESMTP
	id 2B55654846; Wed, 21 Apr 2004 11:55:38 -0500 (CDT)
Received: from gw.celabo.org ([127.0.0.1])
 by localhost (hellblazer.celabo.org [127.0.0.1]) (amavisd-new, port 10024)
 with SMTP id 86835-01; Wed, 21 Apr 2004 11:55:27 -0500 (CDT)
Received: from lum.celabo.org (lum.celabo.org [10.0.1.107])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "lum.celabo.org", Issuer "celabo.org CA" (verified OK))
	by gw.celabo.org (Postfix) with ESMTP
	id 8B5C75482B; Wed, 21 Apr 2004 11:55:27 -0500 (CDT)
Received: by lum.celabo.org (Postfix, from userid 501)
	id F2CAA1D168B; Wed, 21 Apr 2004 11:54:54 -0500 (CDT)
Date: Wed, 21 Apr 2004 11:54:54 -0500
From: "Jacques A. Vidrine" <nectar@FreeBSD.org>
To: Mike Tancsa <mike@sentex.net>
Message-ID: <20040421165454.GB20049@lum.celabo.org>
Mail-Followup-To: "Jacques A. Vidrine" <nectar@FreeBSD.org>,
	Mike Tancsa <mike@sentex.net>, freebsd-security@FreeBSD.org
References: <6.0.3.0.0.20040420125557.06b10d48@209.112.4.2>
	<xzp65buh5fa.fsf@dwp.des.no> <6.0.3.0.0.20040420144001.0723ab80@209.112.4.2>
	<200404201332.40827.dr@kyx.net> <20040421111003.GB19640@lum.celabo.org>
	<6.0.3.0.0.20040421121715.04547510@209.112.4.2>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <6.0.3.0.0.20040421121715.04547510@209.112.4.2>
X-Url: http://www.celabo.org/
User-Agent: Mutt/1.5.6i
cc: freebsd-security@FreeBSD.org
Subject: Re: Other possible protection against RST/SYN attacks (was Re: TCP
	RST attack
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Apr 2004 16:55:39 -0000

On Wed, Apr 21, 2004 at 12:30:40PM -0400, Mike Tancsa wrote:
> 
> One other technique that might help with respect to this attack is what 
> Cisco implemented, commonly known as the "TTL hack"
> 
> http://www.nanog.org/mtg-0302/hack.html

More commonly known as GTSM and RFC 3682.

Cheers,
-- 
Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org