Date: Sun, 13 Jun 1999 16:28:52 -0400 (EDT) From: David Gilbert <dgilbert@velocet.ca> To: Jay Nelson <jdn@acp.qiv.com> Cc: "Ed P." <secure@r0ck.com>, security@FreeBSD.ORG Subject: Re: Fwd: [linux-security] Re: Port 7 scan Message-ID: <14180.5252.211630.750974@trooper.velocet.ca> In-Reply-To: <Pine.BSF.4.05.9906131348450.801-100000@acp.qiv.com> References: <99061312495500.02641@MOLTEN.R0CK.COM> <Pine.BSF.4.05.9906131348450.801-100000@acp.qiv.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "Jay" == Jay Nelson <jdn@acp.qiv.com> writes: Jay> This explains what is going on. Thank you. It does, though, raise Jay> a couple of other questions: Jay> The echo service is, AFIK, a peculiarly Unix service. Why do you Jay> suppose they chose echo for the latency test as opposed to a Jay> simple ping? Nearly everything with an ethernet card will respond Jay> to a ping returning, I would think, more useful latency Jay> information than a refused connect. Jay> Since echo is Unixcentric and most new admins leave echo open, Jay> echo will reveal far more about a machine than a ping. Could it Jay> be that this is the intent? Actually, this is probably caused by a desire to subvert an 'optimization' made at major routers on the net. In general, most busy routers 'de-prioritize' ping traffic. This is largely due to the face that the worse the network gets, the higher the amount of ping traffic (coming from people who wonder why it's slow). So the latency from a ping connection isn't as accurate as trying to open a tcp connection. Dave. -- ============================================================================ |David Gilbert, Velocet Communications. | Two things can only be | |Mail: dgilbert@velocet.net | equal if and only if they | |http://www.velocet.net/~dgilbert | are precisely opposite. | =========================================================GLO================ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14180.5252.211630.750974>