Date: Thu, 31 May 2001 14:40:02 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: Rob Simmons <rsimmons@wlcg.com> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: Limiting TCP RST Response Packets Message-ID: <20010531143721.A74065-100000@achilles.silby.com> In-Reply-To: <Pine.BSF.4.21.0105311514090.4425-100000@mail.wlcg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 31 May 2001, Rob Simmons wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: RIPEMD160 > > Maybe that should be mentioned in LINT? > > Robert Simmons > Systems Administrator > http://www.wlcg.com/ Changing the comment to say that the *.blackhole sysctls should be used instead, and only then very sparingly would be a good idea, yes. RESTRICT_RST is gone from current, which is why nobody has thought about changing the comment for it in LINT. There is one case where such blackholing may be useful at this point in time. I think I have a better solution for it, but it'll be a while before I have a patch ready. (It's not a big deal, in any case.) Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010531143721.A74065-100000>