From owner-freebsd-questions Tue Apr 7 13:39:19 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA08302 for freebsd-questions-outgoing; Tue, 7 Apr 1998 13:39:19 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from gdi.uoregon.edu (gdi.uoregon.edu [128.223.170.30]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA07960 for ; Tue, 7 Apr 1998 13:37:59 -0700 (PDT) (envelope-from dwhite@gdi.uoregon.edu) Received: from localhost (dwhite@localhost) by gdi.uoregon.edu (8.8.7/8.8.8) with SMTP id NAA27040; Tue, 7 Apr 1998 13:37:52 -0700 (PDT) (envelope-from dwhite@gdi.uoregon.edu) Date: Tue, 7 Apr 1998 13:37:52 -0700 (PDT) From: Doug White Reply-To: Doug White To: Mike D Tancsa cc: questions@FreeBSD.ORG Subject: Re: RFC-1644 attack ? In-Reply-To: <199804071737.NAA25812@granite.sentex.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 7 Apr 1998, Mike D Tancsa wrote: > > What would be the effect of doing a > sysctl -w net.inet.tcp.rfc1644=0 > > Do I need to have this enabled ? If I disable it, what > will it break ? the RFC1644 extensions are just that, extensions to TCP to conserve resources when using TCP. Disabling them may cause a rise in the system's use of resources dedicated to the network. If this is substantiated then you need to send it to security@freebsd.org if you haven't already. That's a nasty attack :( Another reason to not use hosts.equiv. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message