Other possible protection against RST/SYN attacks (was Re: TCP
RST attack
Borja Marcos
borjamar at sarenet.es
Wed Apr 21 13:20:28 PDT 2004
> Thanks, I realize that, especially with iBGP. However for directly
> connected eBGP peers, the question still stands.
>
> What side effects if any are there? Why is the default 64 and not
> some other number like 255... I am sure the answer is out there, I
> just need to find the question so I can cram it into google ;-)
I can only think that it is a reasonable default. With a ttl of 200,
for example, a routing loop would waste a lot of bandwidth for each
undeliverable packet.
Borja.
More information about the freebsd-security
mailing list