From owner-freebsd-questions Tue Jan 11 0:42:31 2000 Delivered-To: freebsd-questions@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id ADEE01521D; Tue, 11 Jan 2000 00:42:21 -0800 (PST) (envelope-from des@flood.ping.uio.no) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id JAA69288; Tue, 11 Jan 2000 09:42:14 +0100 (CET) (envelope-from des@flood.ping.uio.no) To: Brad Knowles Cc: Holtor , freebsd-questions@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG Subject: Re: Kernel Option: TCP_DROP_SYNFIN References: <20000109201829.20220.qmail@web116.yahoomail.com> From: Dag-Erling Smorgrav Date: 11 Jan 2000 09:42:13 +0100 In-Reply-To: Brad Knowles's message of "Sun, 9 Jan 2000 23:03:20 +0100" Message-ID: Lines: 16 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Brad Knowles writes: > At 12:18 PM -0800 2000/1/9, Holtor wrote: > > Would this help stop SYN floods from breaking my > > freebsd computer? if anyones tried it, please speak > > up with any results or how it works. Thanks! > I've used it and haven't seen it do any harm to the systems I was > using it on, although I can't speak for how well it might have helped > them survive a SYN flood. Unless you're using TTCP (TCP for > Transactions), you should probably be safe in enabling it. It doesn't have anything to do with syn floods at all. It merely prevents OS fingerprinting (at least the way nmap does it). DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message