Date: Thu, 18 Oct 2012 15:26:54 +0200 From: Andre Oppermann <oppermann@networx.ch> To: h bagade <bagadeh@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: TCP_DROP_SYNFIN kernel option side effects?! Message-ID: <5080039E.9070202@networx.ch> In-Reply-To: <CAARSjE15=zkw0V3hWFgmt0drnAOzB%2BUZ9TGZo%2B4Z9UcgNLPG4A@mail.gmail.com> References: <CAARSjE15=zkw0V3hWFgmt0drnAOzB%2BUZ9TGZo%2B4Z9UcgNLPG4A@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 16.10.2012 17:27, h bagade wrote: > Hi all, > > I need to add this option to kernel in order to defeating Nmap > OS-Fingerprinting. My system is running as Web Server and also it is the > gateway on the network. > I want to know if setting this option has any side effects on other parts > of the system? Is there any situation that SYN and FIN bits are set both in > TCP packets? Is it a normal situation? SYN and FIN is not normal. Doing TCP_DROP_SYNFIN is not RFC compliant but doesn't cause any problems. -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5080039E.9070202>