Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 12 Jun 2001 10:23:27 +0300
From:      Ruslan Ermilov <ru@FreeBSD.ORG>
To:        William Wong <willwong@samurai.com>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: man 4 blackhole
Message-ID:  <20010612102327.E95192@sunbay.com>
In-Reply-To: <006801c0f2f5$98bce740$0300a8c0@anime.ca>; from willwong@samurai.com on Tue, Jun 12, 2001 at 12:10:20AM -0400
References:  <006801c0f2f5$98bce740$0300a8c0@anime.ca>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Tue, Jun 12, 2001 at 12:10:20AM -0400, William Wong wrote:
> Hi there,
> 
> I'm looking at the man page and I don't see a difference between setting
> net.inet.tcp.blackhole, to either 1 or 2.  Here's a section from the
> manpage.
> 
> "Normal behaviour, when a TCP SYN segment is received on a port where
> there is no socket accepting connections, is for the system to return a
> RST segment, and drop the connection.  The connecting system will see
> this as a "Connection reset by peer".  By turning the TCP black hole MIB
> on to a numeric value of one, the incoming SYN segment is merely dropped,
                                             ^^^^^^^^^^^
> and no RST is sent, making the system appear as a blackhole.  By setting
> the MIB value to two, any segment arriving on a closed port is dropped
                        ^^^^^^^^^^^
> without returning a RST.  This provides some degree of protection against
> stealth port scans."
> 
> Since I'm sure option 2 isn't there for no reason, I must be interpreting
> this wrong.
> 
> Anyone know the difference?
> 
> Regards,
> - Will
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

-- 
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010612102327.E95192>