From owner-freebsd-security  Wed May 30  4:22: 3 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mailsrv.otenet.gr (mailsrv.otenet.gr [195.170.0.5])
	by hub.freebsd.org (Postfix) with ESMTP id BD1ED37B42C
	for <freebsd-security@freebsd.org>; Wed, 30 May 2001 04:21:56 -0700 (PDT)
	(envelope-from keramidi@otenet.gr)
Received: from hades.hell.gr (patr530-b075.otenet.gr [195.167.121.203])
	by mailsrv.otenet.gr (8.11.1/8.11.1) with ESMTP id f4UBLpe04150;
	Wed, 30 May 2001 14:21:52 +0300 (EEST)
Received: (from charon@localhost)
	by hades.hell.gr (8.11.3/8.11.3) id f4UAqtp10233;
	Wed, 30 May 2001 13:52:55 +0300 (EEST)
	(envelope-from keramidi@otenet.gr)
Date: Wed, 30 May 2001 13:52:52 +0300
From: Giorgos Keramidas <keramidi@otenet.gr>
To: Liran Dahan <lirandb@netvision.net.il>
Cc: freebsd-security@freebsd.org
Subject: Re: Syn+Fin (Setup) And TCP RST
Message-ID: <20010530135251.A10210@hades.hell.gr>
References: <010f01c0e888$5ab3c120$b88f39d5@a> <200105291052100670.246E525C@smtp> <012601c0e88c$3e6efb20$b88f39d5@a> <3B141E8A.5AC7E84E@globalstar.com> <000801c0e897$11f2bb80$b88f39d5@a>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <000801c0e897$11f2bb80$b88f39d5@a>; from lirandb@netvision.net.il on Wed, May 30, 2001 at 01:28:30AM +0200
X-PGP-Fingerprint: 3A 75 52 EB F1 58 56 0D - C5 B8 21 B6 1B 5E 4A C2
X-URL: http://students.ceid.upatras.gr/~keramida/index.html
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Wed, May 30, 2001 at 01:28:30AM +0200, Liran Dahan wrote:
> I checked the rules order, its ok...But something strange..
> I've added rule like: ipfw add 1 reset tcp from any to any 100-200 , and i
> have daemon running on port 110, i telneted it and i got connection refused
> after 2 secs..(even when i have TCP_RESTRICT_RST Enabled - Via sysctl and
> Kernel), But when i telneted the other ports (that arent running daemons -
> Closed ports), it took about 30 seconds till i got connection refused - or
> it was connection timeout (i did it from windows telnet).

Why do I have the strange feeling that you have PARANOID enabled in your
hosts.allow for telnet connections and some DNS server times out on you?

--giorgos


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message