Date:      Tue, 16 Jan 2001 09:02:01 +0100
From:      Pavol Adamec <pavol_adamec@tempest.sk>
To:        Dennis Jun <dennisjun@home.com>
Cc:        freebsd-questions@freebsd.org, freebsd-security@freebsd.org
Subject:   Re: TCP_DROP_SYNFIN
Message-ID:  <3A63FFF9.8E64A6AA@tempest.sk>
References:  <004a01c07f90$29bcef80$0300a8c0@wilma>

I'm not sure what you exactly meant by that but:

TCP_DROP_SYNFIN forces the kernel to drop packets with BOTH SYN and
FIN flags set. nmap -sS is a "half-open scan" - it sends packets
with only the SYN flag set.
What you likely want is TCP_RESTRICT_RST - not to emit RST for SYN
packets to non-listening ports.

Paul

Dennis Jun wrote:
> 
> I have compiled this option in my kernel on 3 different FreeBSD boxes
> (4.1.1-STABLE, 4.1-RELEASEs) and I have noticed that it doesn't work all
> the time. Specifically with this scan  nmap -v -O -sS .  Is it just me or
> does this not work for other people as well?
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
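
The distinction drawn in the reply above, as an added example that is not part of the original messages and is not FreeBSD kernel code: a simplified C model of the two checks as the reply describes them, run over constructed TCP headers. The function names (`tcp_flags`, `dropped_by_synfin`, `rst_suppressed`, `make_hdr`) and the sample headers are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* TCP flag bits, byte 13 of the TCP header (RFC 793). */
#define TH_FIN 0x01
#define TH_SYN 0x02
#define TH_ACK 0x10

/* Return the flags byte of a raw TCP header, or -1 if it is truncated. */
static int tcp_flags(const uint8_t *hdr, size_t len) {
    return len < 20 ? -1 : hdr[13];
}

/* Model of TCP_DROP_SYNFIN as described: drop only if BOTH bits are set. */
static int dropped_by_synfin(int flags) {
    return flags >= 0 && (flags & (TH_SYN | TH_FIN)) == (TH_SYN | TH_FIN);
}

/* Model of TCP_RESTRICT_RST as described in the reply (assumption: any
 * SYN to a port without a listener gets no RST in response). */
static int rst_suppressed(int flags, int port_listening) {
    return flags >= 0 && (flags & TH_SYN) && !port_listening;
}

/* Build a constructed, minimal 20-byte TCP header carrying the given flags. */
static void make_hdr(uint8_t hdr[20], uint8_t flags) {
    memset(hdr, 0, 20);
    hdr[2] = 0x00; hdr[3] = 0x50;   /* destination port 80 (sample value) */
    hdr[12] = 0x50;                 /* data offset: 5 words, no options */
    hdr[13] = flags;
}

int main(void) {
    /* Constructed samples: SYN only (what a half-open scan sends),
     * SYN+FIN, FIN only, and a plain ACK. */
    const uint8_t samples[] = { TH_SYN, TH_SYN | TH_FIN, TH_FIN, TH_ACK };
    uint8_t hdr[20];
    for (size_t i = 0; i < sizeof samples; i++) {
        make_hdr(hdr, samples[i]);
        int f = tcp_flags(hdr, sizeof hdr);
        printf("flags=0x%02x drop_synfin=%d rst_suppressed(closed port)=%d\n",
               f, dropped_by_synfin(f), rst_suppressed(f, 0));
    }
    return 0;
}
```
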




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A63FFF9.8E64A6AA>