Date: Sun, 9 Jan 2000 12:18:29 -0800 (PST) From: Holtor <holtor@yahoo.com> To: freebsd-questions@freebsd.org Cc: freebsd-stable@freebsd.org Subject: Kernel Option: TCP_DROP_SYNFIN Message-ID: <20000109201829.20220.qmail@web116.yahoomail.com>
next in thread | raw e-mail | index | archive | help
I've found this looking threw LINT: # The following options add sysctl variables for controlling how certain # TCP packets are handled. # # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN. This # prevents nmap et al. from identifying the TCP/IP stack, but breaks support # for RFC1644 extensions and is not recommended for web servers. # options TCP_DROP_SYNFIN #drop TCP packets with SYN+FIN Would this help stop SYN floods from breaking my freebsd computer? if anyones tried it, please speak up with any results or how it works. Thanks! Holtor __________________________________________________ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000109201829.20220.qmail>