On Thursday 11 August 2016 15:31:37 Lisi Reisz wrote: > On Thursday 11 August 2016 20:06:26 Gene Heskett wrote: > > On Thursday 11 August 2016 15:44:24 Doug wrote: > > > On 08/11/2016 12:50 PM, Gene Heskett wrote: > > > > On Thursday 11 August 2016 12:47:09 Nicolas George wrote: > > > > CC:ing emc-developers, and trinity-users who may not yet be > > > > aware of this tcp attack vector thats quite dangerous. And my > > > > post to trinity-users was in error, so this corrects it. > > > > > > > >> Le quintidi 25 thermidor, an CCXXIV, Gene Heskett a écrit : > > > >>> to add should be changed to forward slashes: > > > >> > > > >> You are wrong, sysctl supports both slashes and dots as > > > >> separators. > > > >> > > > >> Regards, > > > > > > > > I changed it back Nicolas, and sysctl -p now returns: > > > > root@coyote:/etc/init.d# sysctl -p > > > > sysctl: cannot stat /proc/sys//net.ipv4.tcp_challenge_ack_limit: > > > > No such file or directory > > > > > > > > Put the slashes back and I get this: > > > > root@coyote:/etc/init.d# sysctl -p > > > > .net.ipv4.tcp_challenge_ack_limit = 999999999 > > > > > > > > Which I assume is the correct response. And yet the echo shows > > > > all dots. > > > > > > > > WTH? Ahh, my bad, no damned biscuit, an extra leading slash > > > > snuck in. But if a dot and a slash are the same to sysctl, I > > > > should have a file in the wrong place? But I do not. /net is > > > > empty. It is in the right place now. And cats the correct value. > > > > > > > > Sorry about the confusion everybody. > > > > > > > > Cheers, Gene Heskett > > > > > > Running PCLOS. I put in the original command with dots. When I run > > > sysctl.p from a root environment I get no response, but no error > > > either. Don't know the significance of that. > > > > > > --doug > > > > Neither do I Doug, sorry. See the announcement on /. today & read > > the link to the post from the guys that found it that is in the > > story, UCsomething IIRC, see below. A closer read may answer it. > > > > <https://ucrtoday.ucr.edu/39030> > > > > And please keep things like this on the list you read it from. A PM > > is unfair to the other readers of the list you read it on, so I'll > > cc the three lists it was cross posted to as it sounds pretty > > serious to me. > > > > And I just noted that the sysctl command you quoted above is > > incorrect, its sysctl -p, not sysctl.p. > > > > Maybe that helps? > > I copied and pasted the commands exactly, and ran them as root, and > got an echo of net.ipv4.tcp_challenge_ack_limit = 999999999 in > response to the first and a blank return in response to the second. I > don't know the significance. > > Lisi
cat that file Lisi. Thats in /proc/sys/net.ipv4.tcp_challenge_ack_limit. I think we did as we were told if it contains those 9 9's. Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene>
