Date:      Wed, 12 Jan 2000 08:23:45 -0800
From:      Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To:        Dag-Erling Smorgrav <des@flood.ping.uio.no>
Cc:        Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, Brad Knowles <blk@skynet.be>, Holtor <holtor@yahoo.com>, freebsd-questions@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG
Subject:   Re: Kernel Option: TCP_DROP_SYNFIN 
Message-ID:  <200001121623.IAA04213@cwsys.cwsent.com>
In-Reply-To: Your message of "12 Jan 2000 09:30:44 +0100." <xzphfgjr8sr.fsf@flood.ping.uio.no>

In message <xzphfgjr8sr.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav 
writes:
> Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> writes:
> > In message <xzpya9xq9sq.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav 
> > writes:
> > > It doesn't have anything to do with syn floods at all. It merely
> > > prevents OS fingerprinting (at least the way nmap does it).
> > The following ipfw rule will also prevent OS fingerprinting.
> > 
> > deny log tcp from any to any in tcpflg fin,syn
> 
> It does precisely the same thing as TCP_DROP_SYNFIN, except much slower.

And it would log the event.


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Sun/DEC Team, UNIX Group    Internet:  Cy.Schubert@uumail.gov.bc.ca
ITSD
Province of BC
                      "e**(i*pi)+1=0"

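The flag test that the quoted ipfw rule expresses (match TCP segments with both FIN and SYN set, deny and log them), as an added example that is not part of the original message and is not FreeBSD's code. The function names, the verdict enum, the log line format and the sample headers are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TCP_FIN 0x01      /* flag bits live in byte 13 of the TCP header */
#define TCP_SYN 0x02
#define TCP_ACK 0x10
#define TCP_MIN_HDR 20

enum verdict { V_PASS, V_DROP_SYNFIN, V_DROP_SHORT };

/* Hypothetical helper: decide what to do with one raw TCP header. */
enum verdict classify_tcp(const uint8_t *hdr, size_t len)
{
    if (hdr == NULL || len < TCP_MIN_HDR)
        return V_DROP_SHORT;                  /* flags byte may be missing */
    size_t doff = (size_t)(hdr[12] >> 4) * 4; /* data offset, in bytes */
    if (doff < TCP_MIN_HDR || doff > len)
        return V_DROP_SHORT;
    /* Both bits must be set; other flags (ACK, PSH, ...) do not matter. */
    if ((hdr[13] & (TCP_SYN | TCP_FIN)) == (TCP_SYN | TCP_FIN))
        return V_DROP_SYNFIN;
    return V_PASS;
}

/* Count SYN+FIN drops in a batch; log each one (format made up here). */
size_t filter_and_log(uint8_t hdrs[][TCP_MIN_HDR], size_t n, FILE *log)
{
    size_t dropped = 0;
    for (size_t i = 0; i < n; i++) {
        if (classify_tcp(hdrs[i], TCP_MIN_HDR) != V_DROP_SYNFIN)
            continue;
        if (log)
            fprintf(log, "deny tcp #%zu flags=0x%02x\n", i, (unsigned)hdrs[i][13]);
        dropped++;
    }
    return dropped;
}

int main(void)
{
    /* Constructed headers: data offset 5 words; SYN, SYN+FIN, FIN+ACK. */
    uint8_t p[3][TCP_MIN_HDR] = { {[12] = 0x50, [13] = TCP_SYN},
        {[12] = 0x50, [13] = TCP_SYN | TCP_FIN}, {[12] = 0x50, [13] = TCP_FIN | TCP_ACK} };
    printf("dropped %zu of 3\n", filter_and_log(p, 3, stderr));
    return 0;
}
```

A plain SYN and a FIN+ACK both pass; only segments carrying the two flags together are dropped, and passing a non-NULL `log` stream gives the per-event record that the in-kernel drop does not.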



