From owner-freebsd-security Wed May 9 2:29:23 2001 Delivered-To: freebsd-security@freebsd.org Received: from alpha.netvision.net.il (alpha.netvision.net.il [194.90.1.13]) by hub.freebsd.org (Postfix) with ESMTP id 1402637B42C for ; Wed, 9 May 2001 02:29:17 -0700 (PDT) (envelope-from lirandb@netvision.net.il) Received: from a ([213.57.143.184]) by alpha.netvision.net.il (8.9.3/8.8.6) with SMTP id MAA19918 for ; Wed, 9 May 2001 12:29:14 +0300 (IDT) Message-ID: <002601ba1df7$4da07940$b88f39d5@a> From: "Retal" To: Subject: Some Kernel options Date: Tue, 9 May 1995 12:26:09 +0200 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0023_01BA1E08.10F6EEA0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0023_01BA1E08.10F6EEA0 Content-Type: text/plain; charset="windows-1255" Content-Transfer-Encoding: quoted-printable I could not have wondered but..Its only me or other people compiling = their kernel with this options: options KBD_INSTALL_CDEV # install a CDEV entry in /dev options TCP_DROP_SYNFIN #drop TCP packets with SYN+FIN options TCP_RESTRICT_RST #restrict emission of TCP RST options ICMP_BANDLIM = =20 Those options has any effect? i use them for months but i havent seen = any difference between my other machines. BTW: if i add TCP_DROP_SYNFIN, it should effect setup option in my = firewall ?if it is, how ? Thanks, -Liran Dahan- [lirandb@netvision.net.il] ------=_NextPart_000_0023_01BA1E08.10F6EEA0 Content-Type: text/html; charset="windows-1255" Content-Transfer-Encoding: quoted-printable
I could not have wondered but..Its only = me or other=20 people compiling their kernel with this options:
options        =20 KBD_INSTALL_CDEV        # install a = CDEV=20 entry in /dev
options         = TCP_DROP_SYNFIN         #drop = TCP=20 packets with = SYN+FIN
options        =20 TCP_RESTRICT_RST        #restrict = emission of=20 TCP RST
options        =20 ICMP_BANDLIM          &= nbsp;           &n= bsp;           &nb= sp;           &nbs= p;   =20
 
Those options has any effect? i use = them for months=20 but i havent seen any difference between my other machines.
 
BTW: if i add TCP_DROP_SYNFIN, it should effect setup option in my = firewall=20 ?if it is, how ?
 
Thanks,
 
 
-Liran Dahan- [lirandb@netvision.net.il]
 
------=_NextPart_000_0023_01BA1E08.10F6EEA0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message