Date: Thu, 31 May 2001 15:06:43 -0400 From: "alexus" <ml@db.nexgen.com> To: "Rob Simmons" <rsimmons@wlcg.com>, "Liran Dahan" <lirandb@netvision.net.il> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: Limiting TCP RST Response Packets Message-ID: <003101c0ea04$d498b400$01000001@book> References: <Pine.BSF.4.21.0105311441450.4425-100000@mail.wlcg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
what is TCP_RESTRICT_RST do anyway? what is it for? ----- Original Message ----- From: "Rob Simmons" <rsimmons@wlcg.com> To: "Liran Dahan" <lirandb@netvision.net.il> Cc: <freebsd-security@FreeBSD.ORG> Sent: Thursday, May 31, 2001 2:46 PM Subject: Re: Limiting TCP RST Response Packets > -----BEGIN PGP SIGNED MESSAGE----- > Hash: RIPEMD160 > > You will need to add the following line to your kernel config file, and > recompile the kernel: > > options TCP_RESTRICT_RST > > You should also read the comments about this option in the LINT file. > > Then you will need to add this line to your rc.conf file: > > tcp_restrict_rst="YES" > > or you can use the sysctl knob: > > net.inet.tcp.restrict_rst > > Robert Simmons > Systems Administrator > http://www.wlcg.com/ > > On Thu, 31 May 2001, Liran Dahan wrote: > > > Im afarid of someone trying to flood me by Connecting to me 1000 times > > and for every time like that it will send TCP Rst Reponse. Is there > > any way to Limit TCP Rst Response packets? Is there a way to Limit > > Unreach Messages (IPFW) that it wont flood me too ? > > > > -Liran Dahan- (lirandb@netvision.net.il) > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.5 (FreeBSD) > Comment: For info see http://www.gnupg.org > > iD8DBQE7FpF1v8Bofna59hYRA/uBAJ43eCmPWdjrBK3DTt1DKCnSA5k0KwCdGMAa > MgbhLld2PtM7xBxEEuXfcgc= > =7UMY > -----END PGP SIGNATURE----- > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?003101c0ea04$d498b400$01000001>