Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 21 Apr 2004 18:10:30 -0400
From:      Gary Corcoran <garycor@comcast.net>
To:        Gary Corcoran <garycor@comcast.net>, freebsd-security@freebsd.org
Subject:   Re: Other possible protection against RST/SYN attacks (was Re: TCP RST attack
Message-ID:  <4086F156.7040808@comcast.net>
In-Reply-To: <4086EED7.3070808@comcast.net>
References:  <6.0.3.0.0.20040420144001.0723ab80@209.112.4.2> <200404201332.40827.dr@kyx.net> <20040421111003.GB19640@lum.celabo.org> <6.0.3.0.0.20040421121715.04547510@209.112.4.2> <20040421165454.GB20049@lum.celabo.org> <6.0.3.0.0.20040421132605.0901bb40@209.112.4.2> <48FCF8AA-93CF-11D8-9C50-000393C94468@sarenet.es> <6.0.3.0.0.20040421161217.05453308@209.112.4.2> <75226E9B-93D3-11D8-90F9-003065ABFD92@mac.com> <4086E522.7090303@comcast.net> <20040421214445.GX476@seekingfire.com> <4086EED7.3070808@comcast.net>

next in thread | previous in thread | raw e-mail | index | archive | help

> In any event, it still seems like a TTL of 255 is overkill for this application...

Unless, of course, you want to only accept packets with TTL
of 255.  This might be fine when both ends are setup to work
this way.  But it might break general interoperability...

Gary





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4086F156.7040808>