Other possible protection against RST/SYN attacks (was Re: TCP
RST attack
Gary Corcoran
garycor at comcast.net
Wed Apr 21 14:18:19 PDT 2004
Charles Swiger wrote:
> On Apr 21, 2004, at 4:14 PM, Mike Tancsa wrote:
>
>> What side effects if any are there? Why is the default 64 and not
>> some other number like 255...
>
>
> The default TTL gets decremented with every hop, which means that a
> packet coming in with a TTL of 255 had to be sent by a directly
> connected system. [ip_ttl is an octet, so it can't hold a larger TTL
> value.]
Huh? 255-- == 254, not 0. A TTL of 255 just allows the maximum possible
number of hops, before being declared hopelessly lost.
> A packet with a TTL of 64 could have been many hops away.
As DES said in a later reply, 64 was probably just a reasonable,
but arbitrary value. Whereas 255 would probably allow for several
trips around the world, and would be overkill.
Gary
More information about the freebsd-security
mailing list