Date: Wed, 12 Jan 2000 08:23:45 -0800 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Dag-Erling Smorgrav <des@flood.ping.uio.no> Cc: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, Brad Knowles <blk@skynet.be>, Holtor <holtor@yahoo.com>, freebsd-questions@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG Subject: Re: Kernel Option: TCP_DROP_SYNFIN Message-ID: <200001121623.IAA04213@cwsys.cwsent.com> In-Reply-To: Your message of "12 Jan 2000 09:30:44 %2B0100." <xzphfgjr8sr.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <xzphfgjr8sr.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav writes: > Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> writes: > > In message <xzpya9xq9sq.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav > > writes: > > > It doesn't have anything to do with syn floods at all. It merely > > > prevents OS fingerprinting (at least the way nmap does it). > > The following ipfw rule will also prevent OS fingerprinting. > > > > deny log tcp from any to any in tcpflg fin,syn > > It does precisely the same thing as TCP_DROP_SYNFIN, except much slower. And it would log the event. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Sun/DEC Team, UNIX Group Internet: Cy.Schubert@uumail.gov.bc.ca ITSD Province of BC "e**(i*pi)+1=0" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001121623.IAA04213>