Re: Other possible protection against RST/SYN attacks (was Re: T
--Wb5NtZlyOqqy58h0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Apr 21, 2004 at 05:18:26PM -0400, Gary Corcoran wrote:
> Charles Swiger wrote:
> >The default TTL gets decremented with every hop, which means that a=20
> >packet coming in with a TTL of 255 had to be sent by a directly=20
> >connected system. [ip_ttl is an octet, so it can't hold a larger TTL=20
> >value.]
>=20
> Huh? 255-- =3D=3D 254, not 0. A TTL of 255 just allows the maximum poss=
ible
> number of hops, before being declared hopelessly lost.
Exactly -- if you see an incoming packet with a TTL of 255, it must've
originated on a directly connected system /or it would've already been
decremented to 254 or lower/.
-T
--=20
"Beware of he who would deny you information, for in his heart he dreams
himself your master."
--Wb5NtZlyOqqy58h0
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFAhutNDwp/vIKK/HsRAoN3AJ0aKDv4X5/wMIdY77mS8vzUnpKD8wCdHc7c
ulf/IN+izwlMLk5BxDiDw40=
=qlpc
-----END PGP SIGNATURE-----
--Wb5NtZlyOqqy58h0--
討論串 (同標題文章)
完整討論串 (本文為第 9 之 16 篇):