Date: Sat, 5 Jan 2002 16:39:00 -0800 From: "Crist J. Clark" <cristjc@earthlink.net> To: Leo Bicknell <bicknell@ufp.org> Cc: "Rogier R. Mulhuijzen" <drwilco@drwilco.net>, freebsd-hackers@FreeBSD.ORG Subject: Re: path_mtu_discovery Message-ID: <20020105163900.E204@gohan.cjclark.org> In-Reply-To: <20020105000816.GA54166@ussenterprise.ufp.org>; from bicknell@ufp.org on Fri, Jan 04, 2002 at 07:08:16PM -0500 References: <5.1.0.14.0.20020105011436.01d16058@mail.drwilco.net> <20020105000816.GA54166@ussenterprise.ufp.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jan 04, 2002 at 07:08:16PM -0500, Leo Bicknell wrote:
> In a message written on Sat, Jan 05, 2002 at 01:14:45AM +0100, Rogier R. Mulhuijzen wrote:
> > If we're on the internet yes. If you're in an environment other than one
> > connected to the internet (do those even exist <grin/>) no.
> > Hence my tuneable sysctl idea.
>
> I'll support a sysctl, however I'll also be quite insistant that
> our defaults match the Internet. I'm fairly sure more FreeBSD
> boxes are connected to the Internet than any other network. :-)
I'd support it if anyone actually has any credible evidence that such
attacks have ever occured. Or if there is are plausible ways to attack
that don't require someone to sniff and inject into a connection in
which the victim is participating (if you can do that, you can do much
worse).
The typical SYN flood or DDOS are real threats. This thread (and the
previous ones like the one Darren started a few months back) have
already expended more energy on the issue than the threat warrants.
--
"It's always funny until someone gets hurt. Then it's hilarious."
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020105163900.E204>