From owner-freebsd-net@FreeBSD.ORG Tue Oct 16 15:27:34 2012 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B1896E1D for ; Tue, 16 Oct 2012 15:27:34 +0000 (UTC) (envelope-from s.khanchi@gmail.com) Received: from mail-ie0-f182.google.com (mail-ie0-f182.google.com [209.85.223.182]) by mx1.freebsd.org (Postfix) with ESMTP id 6F82E8FC17 for ; Tue, 16 Oct 2012 15:27:34 +0000 (UTC) Received: by mail-ie0-f182.google.com with SMTP id k10so13112009iea.13 for ; Tue, 16 Oct 2012 08:27:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:from:date:x-google-sender-auth:message-id :subject:to:content-type; bh=eAbprt1hU2bXTmYJ3M2Sf1efHtGNNBI92a5uMrb483A=; b=FFdmbyOCko1Cy2yH3WDdJ+J2cIjjV232UzVU56H/jfV4ZAkGQ9ApQeoelbT6vCeBtj HDoBo2gid0+6d54RiFIqKpdvHiDn7RtW5lEhJEG9FOakDp9CQIseOT8bCEekL9lSnZER cn5j/lzmMc9XDG8EW2AXWBfv6qsd9aZ/Zbf3k8hz0M1HMiaToom5r9zdbDg9Lo+z/Dw5 64n/aJl9OVHbI8YWqjwflHV8pwoUMJYSmoq3dJ6lDMtNWVJIAVUkBEwF1t0xF+wk9Ln5 7HD3vEDBAO0IdL1jzCaVTSnUeWmV+KWwKSHAu7IKQ4oG1rbvhrkDwxr+xJDYyOeqp2ip DfEw== Received: by 10.50.171.5 with SMTP id aq5mr680433igc.36.1350401250787; Tue, 16 Oct 2012 08:27:30 -0700 (PDT) MIME-Version: 1.0 Sender: s.khanchi@gmail.com Received: by 10.64.51.234 with HTTP; Tue, 16 Oct 2012 08:27:10 -0700 (PDT) From: h bagade Date: Tue, 16 Oct 2012 18:57:10 +0330 X-Google-Sender-Auth: Q6-xiu0KfuqcM3BJWPqnE6-Vhos Message-ID: Subject: TCP_DROP_SYNFIN kernel option side effects?! To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Oct 2012 15:27:34 -0000 Hi all, I need to add this option to kernel in order to defeating Nmap OS-Fingerprinting. My system is running as Web Server and also it is the gateway on the network. I want to know if setting this option has any side effects on other parts of the system? Is there any situation that SYN and FIN bits are set both in TCP packets? Is it a normal situation? Any helps or comments are really appreciated.