Re: packets with syn/fin vs pf_norm.c
----- Original Message -----
From: "Dag-Erling Smørgrav" <des@des.no>
To: "Jesper Wallin" <jesper@hackunite.net>
Cc: <freebsd-security@freebsd.org>; "Darren Reed"
<avalon@caligula.anu.edu.au>
Sent: Wednesday, July 06, 2005 1:39 PM
Subject: Re: packets with syn/fin vs pf_norm.c
> The TCP_DROP_SYNFIN option should be removed; it has long outlived its
> original purpose (which was to prevent nmap identification of IRC
> servers which didn't run ipfw for performance reasons, back in the 3.0
> days)
I vote not to remove it, because it is just an option there, whether you want it or
not, for added protection against OS fingerprinting...
Standard TCP is more rampantly used than T/TCP, and most (or all) TCP
modules do not combine the SYN + FIN flags in a TCP datagram for a normal TCP
transaction...
fooler.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
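
The check this thread argues about, as an added example that is not part of the original message and is not FreeBSD's or pf's own code: a C classifier that reports whether an IPv4/TCP packet has both SYN and FIN set. The function names, verdict values and the constructed sample packet builder are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TCP_FLAG_FIN 0x01
#define TCP_FLAG_SYN 0x02
#define TCP_SYNFIN   (TCP_FLAG_SYN | TCP_FLAG_FIN)

/* 1 = TCP segment has SYN and FIN both set (drop candidate),
 * 0 = passes this check, -1 = truncated or malformed headers. */
int synfin_verdict(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;      /* IPv4 header length */
    if (ihl < 20 || len < ihl)
        return -1;
    if (pkt[9] != 6)                               /* protocol is not TCP */
        return 0;
    if (((pkt[6] << 8) | pkt[7]) & 0x1fff)         /* later fragment: no TCP header */
        return 0;
    const uint8_t *tcp = pkt + ihl;
    size_t tlen = len - ihl;
    if (tlen < 20)
        return -1;
    size_t doff = (size_t)(tcp[12] >> 4) * 4;      /* TCP header length */
    if (doff < 20 || tlen < doff)
        return -1;
    return (tcp[13] & TCP_SYNFIN) == TCP_SYNFIN;   /* other flags may also be set */
}

/* Constructed sample: minimal 40-byte IPv4+TCP packet; addresses and
 * checksums are left zero because the check does not read them. */
size_t make_pkt(uint8_t *buf, uint8_t flags)
{
    memset(buf, 0, 40);
    buf[0] = 0x45; buf[3] = 40; buf[8] = 64; buf[9] = 6;
    buf[20] = 0xc0; buf[23] = 80;                  /* ports 49152 -> 80 */
    buf[32] = 0x50; buf[33] = flags;               /* data offset 5 words, flags */
    return 40;
}

int main(void)
{
    uint8_t p[40];
    uint8_t cases[] = { 0x02, 0x03, 0x12, 0x11 };  /* SYN, SYN+FIN, SYN+ACK, FIN+ACK */
    for (size_t i = 0; i < sizeof cases; i++)
        printf("flags=0x%02x verdict=%d\n", cases[i], synfin_verdict(p, make_pkt(p, cases[i])));
    return 0;
}
```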