'Syncookies' feature effects to generate new ISN/random with RST happens 15 seconds delay.
Brahmanand Reddy
brahma.gdb at gmail.com
Tue Feb 6 05:23:05 UTC 2018
Dear Experts,
Kindly respond about below query and let me know any info required.
Thanks and regards,
Brahma
On Sat, Feb 3, 2018 at 7:17 PM, Brahmanand Reddy <brahma.gdb at gmail.com>
wrote:
> Dear Experts,
>
> Recently i observed in 11.0 FreeBsd Kernel. new ISN random generating
> every 15 seconds. RST not happens quickly.
>
> if disable net.inet.tcp.syncookies=0 on syscntrl.conf .. RST happens
> quickly and generate new ISN numnber for next SYN requests.
>
> https://github.com/freebsd/freebsd/blob/master/sys/
> netinet/tcp_syncache.c#L1882
>
> Could you please confirm its expected behavior about delay. have notified
> this issue, we have any patch please share.
>
> Thanks in Advance,
> Brahma
>
More information about the freebsd-security
mailing list