From owner-freebsd-security  Thu Mar 16  4:47:18 2000
Delivered-To: freebsd-security@freebsd.org
Received: from wicket.ci.net.ua (noc-hole-gw.ci.net.ua [212.86.98.85])
	by hub.freebsd.org (Postfix) with ESMTP id 8E1F937C096
	for <freebsd-security@FreeBSD.ORG>; Thu, 16 Mar 2000 04:47:13 -0800 (PST)
	(envelope-from acid@cn.ua)
Received: from localhost (acid@localhost)
	by wicket.ci.net.ua (8.9.3/8.9.3) with ESMTP id OAA02183;
	Thu, 16 Mar 2000 14:46:23 +0200 (EET)
Date: Thu, 16 Mar 2000 14:46:23 +0200 (EET)
From: "Michael I. Vasilenko" <acid@cn.ua>
X-Sender: acid@wicket.ci.net.ua
To: ark@eltex.ru
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: wrapping sshd
In-Reply-To: <200003161238.PAA18026@paranoid.eltex.spb.ru>
Message-ID: <Pine.BSF.4.21.0003161443190.1991-100000@wicket.ci.net.ua>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org



On Thu, 16 Mar 2000 ark@eltex.ru wrote:

> Have you ever tried portscanning them agressively?

> Doug Barton <Doug@gorean.org> said :
> 
> 
> > 	In all my years of running freebsd I've never seen inetd crash on any
> > system. 

Try to add TCP_RESTRICT_RST to your kernel config and
tcp_restrict_rst="YES" to rc.conf

--
						Michael Vasilenko



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message