Date: Wed, 21 Apr 2004 20:32:32 -0400 From: Mike Tancsa <mike@sentex.net> To: freebsd-security@freebsd.org Subject: Re: Other possible protection against RST/SYN attacks (was Re: TCP RST attack Message-ID: <6.0.3.0.0.20040421202553.08107ad0@209.112.4.2> In-Reply-To: <4086F156.7040808@comcast.net> References: <6.0.3.0.0.20040420144001.0723ab80@209.112.4.2> <200404201332.40827.dr@kyx.net> <20040421111003.GB19640@lum.celabo.org> <6.0.3.0.0.20040421121715.04547510@209.112.4.2> <20040421165454.GB20049@lum.celabo.org> <6.0.3.0.0.20040421132605.0901bb40@209.112.4.2> <48FCF8AA-93CF-11D8-9C50-000393C94468@sarenet.es> <6.0.3.0.0.20040421161217.05453308@209.112.4.2> <75226E9B-93D3-11D8-90F9-003065ABFD92@mac.com> <4086E522.7090303@comcast.net> <20040421214445.GX476@seekingfire.com> <4086EED7.3070808@comcast.net> <4086F156.7040808@comcast.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 06:10 PM 21/04/2004, Gary Corcoran wrote:
>>In any event, it still seems like a TTL of 255 is overkill for this
>>application...
>
>Unless, of course, you want to only accept packets with TTL
>of 255. This might be fine when both ends are setup to work
>this way.
Yes, but thats the whole point of it. By having the 2 BGP speakers *only*
accept packets that have a TTL of 255, you are safe to bet it has not come
across another router as no one has decremented the TTL value.
---Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.3.0.0.20040421202553.08107ad0>