Date: Wed, 12 Jan 2000 08:23:45 -0800
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To: Dag-Erling Smorgrav <des@flood.ping.uio.no>
Cc: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, Brad Knowles <blk@skynet.be>, Holtor <holtor@yahoo.com>, freebsd-questions@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG
Subject: Re: Kernel Option: TCP_DROP_SYNFIN
Message-ID: <200001121623.IAA04213@cwsys.cwsent.com>
In-Reply-To: Your message of "12 Jan 2000 09:30:44 +0100." <xzphfgjr8sr.fsf@flood.ping.uio.no>

In message <xzphfgjr8sr.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav
writes:
> Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> writes:
> > In message <xzpya9xq9sq.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav
> > writes:
> > > It doesn't have anything to do with syn floods at all. It merely
> > > prevents OS fingerprinting (at least the way nmap does it).
> > The following ipfw rule will also prevent OS fingerprinting.
> >
> > deny log tcp from any to any in tcpflg fin,syn
>
> It does precisely the same thing as TCP_DROP_SYNFIN, except much slower.

And it would log the event.

Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Sun/DEC Team, UNIX Group Internet: Cy.Schubert@uumail.gov.bc.ca
ITSD
Province of BC
"e**(i*pi)+1=0"
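
An added illustration, not part of the original message and not FreeBSD code: a Python model of what the rule's "tcpflg fin,syn" match selects, run over constructed packet headers that are all assumed to be inbound. The function names, sample addresses and log line format are assumptions made for the example.

```python
import socket
import struct

FIN, SYN, PSH, ACK, URG = 0x01, 0x02, 0x08, 0x10, 0x20

def build_packet(src, dst, sport, dport, flags, frag_off=0):
    """Constructed sample input: bare IPv4 + TCP headers, checksums left at zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, frag_off, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)
    return ip + tcp

def check(packet):
    """Return a log line if the rule would deny this packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None  # not a complete IPv4 header
    ihl = (packet[0] & 0x0F) * 4
    frag_off = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    if packet[9] != 6 or frag_off != 0:
        return None  # not TCP, or a later fragment that carries no TCP header
    if ihl < 20 or len(packet) < ihl + 14:
        return None  # flags byte (TCP header offset 13) is missing
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    flags = packet[ihl + 13]
    if (flags & (SYN | FIN)) != (SYN | FIN):
        return None  # both bits must be set; any other flags are ignored
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    # Simplified log line, not the exact ipfw log format.
    return f"Deny TCP {src}:{sport} {dst}:{dport} in flags=0x{flags:02x}"

# Constructed packets using documentation address ranges.
SAMPLES = [
    build_packet("192.0.2.10", "198.51.100.5", 40000, 80, SYN),
    build_packet("198.51.100.5", "192.0.2.10", 80, 40000, SYN | ACK),
    build_packet("192.0.2.10", "198.51.100.5", 40000, 80, FIN | ACK),
    build_packet("192.0.2.66", "198.51.100.5", 40001, 22, SYN | FIN),
    build_packet("192.0.2.66", "198.51.100.5", 40002, 22, SYN | FIN | PSH | URG),
    build_packet("192.0.2.66", "198.51.100.5", 40003, 22, SYN | FIN, frag_off=1),
]

def run(samples=SAMPLES):
    """Return the log lines for every denied packet, in input order."""
    return [line for line in map(check, samples) if line]

if __name__ == "__main__":
    print("\n".join(run()))
```

Ordinary SYN, SYN/ACK and FIN/ACK segments pass; only segments with both SYN and FIN set are denied and logged, and a non-first fragment cannot be matched on flags because it carries no TCP header.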
