Date: Tue, 16 Jan 2001 09:02:01 +0100
From: Pavol Adamec <pavol_adamec@tempest.sk>
To: Dennis Jun <dennisjun@home.com>
Cc: freebsd-questions@freebsd.org, freebsd-security@freebsd.org
Subject: Re: TCP_DROP_SYNFIN
Message-ID: <3A63FFF9.8E64A6AA@tempest.sk>
References: <004a01c07f90$29bcef80$0300a8c0@wilma>
I'm not sure what you exactly meant by that but:

TCP_DROP_SYNFIN forces kernel to drop packets with BOTH SYN and FIN flags set. nmap -sS is a "half-open scan" - it sends packets with only SYN flag set.

What you likely want is TCP_RESTRICT_RST - not to emit RST for SYN packets to non-listening ports.

Paul

Dennis Jun wrote:
>
> I have compiled this option in my kernel on 3 different FreeBSD boxes
> (4.1.1-STABLE, 4.1-RELEASEs) and I have noticed that it doesn't work all
> the time. Specifically with this scan nmap -v -O -sS . Is it just me or
> does this not work for other people as well?
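The distinction drawn in the reply above, as an added example that is not part of the original e-mail or of the FreeBSD kernel source. It is a simplified model: `classify`, `stack_cfg` and the verdict names are hypothetical, the two headers are constructed, and the option semantics are assumed from the message's description.

```c
#include <stdint.h>
#include <stdio.h>

/* Flag bits in byte 13 of the TCP header (RFC 793). */
#define TH_FIN 0x01
#define TH_SYN 0x02
#define TH_RST 0x04
#define TH_ACK 0x10

enum verdict { V_DROP, V_SEND_RST, V_SEND_SYNACK, V_OTHER };

/* Hypothetical model of the two kernel options, per the message above. */
struct stack_cfg { int drop_synfin, restrict_rst, port_listening; };

/* Constructed 20-byte TCP headers (ports 49152 -> 22), not captured traffic. */
static const uint8_t SYN_ONLY[20] = {0xc0,0x00,0x00,0x16, 0,0,0,1, 0,0,0,0,
                                     0x50,0x02, 0x04,0x00, 0,0, 0,0};
static const uint8_t SYN_FIN[20]  = {0xc0,0x00,0x00,0x16, 0,0,0,1, 0,0,0,0,
                                     0x50,0x03, 0x04,0x00, 0,0, 0,0};

/* Return the flag bits, or -1 for a truncated or malformed header. */
int tcp_flags(const uint8_t *hdr, size_t len) {
    if (hdr == NULL || len < 20 || (hdr[12] >> 4) < 5)
        return -1;
    return hdr[13] & 0x3f;
}

enum verdict classify(const uint8_t *hdr, size_t len, const struct stack_cfg *c) {
    int fl = tcp_flags(hdr, len);
    if (fl < 0)
        return V_DROP;                       /* model: ignore malformed input */
    if (c->drop_synfin && (fl & TH_SYN) && (fl & TH_FIN))
        return V_DROP;                       /* TCP_DROP_SYNFIN: both bits set */
    if ((fl & (TH_SYN | TH_ACK | TH_RST)) == TH_SYN) {
        if (c->port_listening)
            return V_SEND_SYNACK;            /* open port answers the probe */
        return c->restrict_rst ? V_DROP : V_SEND_RST;
    }
    return V_OTHER;                          /* not modelled here */
}

int main(void) {
    struct stack_cfg closed = {1, 0, 0};     /* only TCP_DROP_SYNFIN enabled */
    printf("SYN+FIN -> %d, SYN only -> %d\n",
           classify(SYN_FIN, 20, &closed), classify(SYN_ONLY, 20, &closed));
    return 0;
}
```

With only the SYN+FIN drop enabled, the SYN-only probe still gets an answer from both open and closed ports, which is why the half-open scan is unaffected.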