閱讀文章 - 看板 FB_security

發信人mike@sentex.net (Mike Tancsa),

看板FB_security

標題Re: Other possible protection against RST/SYN attacks (was Re:

發信站NCTU CSIE FreeBSD Server (Thu Apr 22 00:20:26 2004)

轉信站ptt!FreeBSD.csie.NCTU!not-for-mail

At 06:10 PM 21/04/2004, Gary Corcoran wrote: >>In any event, it still seems like a TTL of 255 is overkill for this >>application... > >Unless, of course, you want to only accept packets with TTL >of 255. This might be fine when both ends are setup to work >this way. Yes, but thats the whole point of it. By having the 2 BGP speakers *only* accept packets that have a TTL of 255, you are safe to bet it has not come across another router as no one has decremented the TTL value. ---Mike _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"