TCP_DROP_SYNFIN kernel option side effects?!
h bagade
bagadeh at gmail.com
Mon Oct 22 18:18:38 UTC 2012
Thanks Andre for your answer:)
On Thu, Oct 18, 2012 at 4:56 PM, Andre Oppermann <oppermann at networx.ch>wrote:
> On 16.10.2012 17:27, h bagade wrote:
>
>> Hi all,
>>
>> I need to add this option to kernel in order to defeating Nmap
>> OS-Fingerprinting. My system is running as Web Server and also it is the
>> gateway on the network.
>> I want to know if setting this option has any side effects on other parts
>> of the system? Is there any situation that SYN and FIN bits are set both
>> in
>> TCP packets? Is it a normal situation?
>>
>
> SYN and FIN is not normal. Doing TCP_DROP_SYNFIN is not RFC compliant
> but doesn't cause any problems.
>
> --
> Andre
>
>
More information about the freebsd-net
mailing list