Date: Thu, 18 Jan 2001 16:16:45 +0200 (IST) From: Roman Shterenzon <roman@xpert.com> To: Pavol Adamec <pavol_adamec@tempest.sk> Cc: <freebsd-security@freebsd.org> Subject: Re: TCP_DROP_SYNFIN Message-ID: <Pine.LNX.4.30.0101181615560.11183-100000@jamus.xpert.com> In-Reply-To: <3A63FFF9.8E64A6AA@tempest.sk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 16 Jan 2001, Pavol Adamec wrote: > I'm not sure what you excatly ment by that but: > > TCP_DROP_SYNFIN forces kernel to drop packets with BOTH SYN and > FIN flags set. nmap -sS is a "half-open scan" - it send packets > with only SYN flag set. > What you likely want is TCP_RESTRICT_RST - not to emit RST for SYN > packets to non-listening ports. I thought that this is what blackhole(4) is for. Can you explain? > > Paul > > Dennis Jun wrote: > > > > I have compiled this option in my kernel on 3 differents FreeBSD boxes > > (4.1.1-STABLE, 4.1-RELEASEs) and I have noticed that it doesn't work all > > the time. Specifically with this scan nmap -v -O -sS . Is it just me or > > does this not work for other people as well? > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > Dennis Jun wrote: > > > > I have compiled this option in my kernel on 3 differents FreeBSD boxes > > (4.1.1-STABLE, 4.1-RELEASEs) and I have noticed that it doesn't work all > > the time. Specifically with this scan nmap -v -O -sS . Is it just me or > > does this not work for other people as well? > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > --Roman Shterenzon, UNIX System Administrator and Consultant [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.30.0101181615560.11183-100000>