From owner-freebsd-security  Thu May 31 13: 4:34 2001
Delivered-To: freebsd-security@freebsd.org
Received: from alpha.netvision.net.il (alpha.netvision.net.il [194.90.1.13])
	by hub.freebsd.org (Postfix) with ESMTP id D05BF37B424
	for <freebsd-security@freebsd.org>; Thu, 31 May 2001 13:04:28 -0700 (PDT)
	(envelope-from lirandb@netvision.net.il)
Received: from a ([213.57.143.184])
	by alpha.netvision.net.il (8.9.3/8.8.6) with SMTP id XAA04188
	for <freebsd-security@freebsd.org>; Thu, 31 May 2001 23:04:27 +0300 (IDT)
Message-ID: <009401c0ea15$518a3a00$b88f39d5@a>
From: "Liran Dahan" <lirandb@netvision.net.il>
To: <freebsd-security@freebsd.org>
Subject: Re: Limiting TCP RST Response Packets
Date: Thu, 31 May 2001 23:04:44 +0200
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_0091_01C0EA26.14D16D20"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2919.6600
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

This is a multi-part message in MIME format.

------=_NextPart_000_0091_01C0EA26.14D16D20
Content-Type: text/plain;
	charset="windows-1255"
Content-Transfer-Encoding: quoted-printable

I saw blackhole(4) but i dont really understand it..?=20
 is it useful? And if i use firewall and filter-prohib tcp packets, then =
what?

>blackhole makes more sense i think. see blackhole(4)
>
>rohrbach@WM:datasink[~]19% cat /etc/sysctl.conf=20
>net.inet.tcp.blackhole=3D2
>net.inet.udp.blackhole=3D1
>
>/k
>
>Rob Simmons(rsimmons@wlcg.com)@2001.05.31 >14:46:09 +0000:


------=_NextPart_000_0091_01C0EA26.14D16D20
Content-Type: text/html;
	charset="windows-1255"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Dwindows-1255" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.2919.6307" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>I saw blackhole(4) but i dont really =
understand=20
it..</FONT><FONT face=3DArial size=3D2>?&nbsp;</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;is it useful? And if i use =
firewall and=20
filter-prohib tcp packets, then what?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>&gt;blackhole makes more sense i think. =
see=20
blackhole(4)</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&gt;</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&gt;rohrbach@WM:datasink[~]19% cat =
/etc/sysctl.conf=20
<BR>&gt;net.inet.tcp.blackhole=3D2<BR>&gt;net.inet.udp.blackhole=3D1</FON=
T></DIV>
<DIV><FONT face=3DArial size=3D2>&gt;</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&gt;/k</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&gt;</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&gt;Rob Simmons(<A=20
href=3D"mailto:rsimmons@wlcg.com">rsimmons@wlcg.com</A>)@2001.05.31 =
&gt;14:46:09=20
+0000:<BR></FONT></DIV></BODY></HTML>

------=_NextPart_000_0091_01C0EA26.14D16D20--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message