TCP_DROP_SYNFIN kernel option side effects?!
Andre Oppermann
oppermann at networx.ch
Thu Oct 18 13:26:59 UTC 2012
On 16.10.2012 17:27, h bagade wrote:
> Hi all,
>
> I need to add this option to kernel in order to defeating Nmap
> OS-Fingerprinting. My system is running as Web Server and also it is the
> gateway on the network.
> I want to know if setting this option has any side effects on other parts
> of the system? Is there any situation that SYN and FIN bits are set both in
> TCP packets? Is it a normal situation?
SYN and FIN is not normal. Doing TCP_DROP_SYNFIN is not RFC compliant
but doesn't cause any problems.
--
Andre
More information about the freebsd-net
mailing list