Date: Tue, 12 Jun 2001 00:10:20 -0400
From: "William Wong" <willwong@samurai.com>
To: <freebsd-questions@freebsd.org>
Subject: man 4 blackhole
Message-ID: <006801c0f2f5$98bce740$0300a8c0@anime.ca>
Hi there,

I'm looking at the man page and I don't see a difference between setting net.inet.tcp.blackhole to either 1 or 2. Here's a section from the manpage.

"Normal behaviour, when a TCP SYN segment is received on a port where there is no socket accepting connections, is for the system to return a RST segment, and drop the connection. The connecting system will see this as a "Connection reset by peer". By turning the TCP black hole MIB on to a numeric value of one, the incoming SYN segment is merely dropped, and no RST is sent, making the system appear as a blackhole. By setting the MIB value to two, any segment arriving on a closed port is dropped without returning a RST. This provides some degree of protection against stealth port scans."

Since I'm sure option 2 isn't there for no reason, I must be interpreting this wrong. Anyone know the difference?

Regards,
- Will

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
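
The distinction the quoted manpage text draws between the three settings, as an added example that is not part of the original message and is not FreeBSD's kernel code: a small C model of whether a segment sent to a closed port is answered with a RST. The function names, the constructed probe list, the reading of "SYN segment" as "any segment with the SYN bit set", and the treatment of values above 2 as 2 are assumptions of this model.

```c
#include <stdint.h>
#include <stdio.h>

/* TCP header flag bits. */
enum { TH_FIN = 0x01, TH_SYN = 0x02, TH_RST = 0x04,
       TH_PUSH = 0x08, TH_ACK = 0x10, TH_URG = 0x20 };

/* Illustrative model, not kernel code: 1 if a segment arriving on a closed
 * port is answered with a RST, 0 if it is silently dropped.
 * Assumption: values above 2 behave like 2. */
int closed_port_sends_rst(int blackhole, uint8_t thflags)
{
    if (thflags & TH_RST)
        return 0;   /* RFC 793: a RST is never answered with a RST */
    if (blackhole >= 2)
        return 0;   /* 2: every segment to a closed port is dropped */
    if (blackhole == 1 && (thflags & TH_SYN))
        return 0;   /* 1: only segments carrying SYN are dropped */
    return 1;       /* 0, or a non-SYN segment under 1: RST goes out */
}

/* Constructed probe set: a connect attempt plus common non-SYN probes. */
static const struct { const char *name; uint8_t flags; } probes[] = {
    { "SYN", TH_SYN }, { "ACK", TH_ACK }, { "FIN", TH_FIN },
    { "NULL", 0 }, { "XMAS", TH_FIN | TH_PUSH | TH_URG },
};
#define NPROBES ((int)(sizeof(probes) / sizeof(probes[0])))

/* Number of probe types that still reveal the closed port via a RST. */
int probes_answered(int blackhole)
{
    int n = 0;
    for (int i = 0; i < NPROBES; i++)
        n += closed_port_sends_rst(blackhole, probes[i].flags);
    return n;
}

int main(void)
{
    for (int bh = 0; bh <= 2; bh++) {
        printf("blackhole=%d:", bh);
        for (int i = 0; i < NPROBES; i++)
            printf(" %s=%s", probes[i].name,
                   closed_port_sends_rst(bh, probes[i].flags) ? "RST" : "drop");
        printf(" (%d of %d answered)\n", probes_answered(bh), NPROBES);
    }
    return 0;
}
```

In this model the settings 1 and 2 differ only in what happens to segments without the SYN bit, which is the case the manpage's sentence about stealth port scans refers to.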