From owner-freebsd-security Thu May 31 11:57:58 2001 Delivered-To: freebsd-security@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with ESMTP id E0B1637B423 for ; Thu, 31 May 2001 11:57:55 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 73980 invoked by uid 1000); 31 May 2001 18:57:53 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 31 May 2001 18:57:53 -0000 Date: Thu, 31 May 2001 13:57:53 -0500 (CDT) From: Mike Silbersack To: Liran Dahan Cc: Subject: Re: Limiting TCP RST Response Packets In-Reply-To: <000a01c0ea06$be934600$b88f39d5@a> Message-ID: <20010531135604.F73746-100000@achilles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 31 May 2001, Liran Dahan wrote: > Im afarid of someone trying to flood me by Connecting to me 1000 times > and for every time like that it will send TCP Rst Reponse. Is there > any way to Limit TCP Rst Response packets? Is there a way to Limit > Unreach Messages (IPFW) that it wont flood me too ? > > -Liran Dahan- (lirandb@netvision.net.il) Since 4.0-release, limiting of RST response packets and icmp unreach messages has been done automatically by the default kernel. You do not need to do anything special, and need not worry about this. If the limiting is triggered, you will see messages in dmesg telling you so. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message