Other possible protection against RST/SYN attacks (was Re: TCP
RST attack
Mike Benjamin
mikeb at mikeb.org
Wed Apr 21 14:41:32 PDT 2004
On Wed, Apr 21, 2004 at 02:16:31PM -0700, Kevin Stevens wrote:
:
: On Wed, 21 Apr 2004, [iso-8859-1] Dag-Erling Smørgrav wrote:
:
: > Mike Tancsa <mike at sentex.net> writes:
: > I think the default ttl of 64 was an arbitrary choice. You would
: > probably be fine using 32, but any lower than that and you would start
: > having trouble crossing oceans.
:
: ?? Because of all the router buoys floating around??
Because hosts overseas tend to cross a greater distance, and packets
traveling greater distances tend to cross more routers. This is not
the rule, just a generalization.
It is invalidated in some cases by MPLS LSPs being configured not to
decrement TTL, and in others by the src and dst being in the same ASN,
and even others who have a limited number of POPs which creates huge
distances without ever breaking out at a l3 device. But, the
generalization is still correct in most cases.
A trace from my connection in the US to an arbitrary host in Finland
gives me 28 hops (across 4 ASNs).. that's awfully close to 32.
--mikeb
: KeS
: _______________________________________________
: freebsd-security at freebsd.org mailing list
: http://lists.freebsd.org/mailman/listinfo/freebsd-security
: To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
--
Mike Benjamin = mikeb at mikeb.org
More information about the freebsd-security
mailing list