Hi Swinogers
well maybe the same experts where asked for an expertise from AVM for
the new Firmware upgrade on the router products this days.
They proudly announced to have a Stealthmode implemented, which of corse
is just a drop of ICMP Requests, which user find Evil because someone
told once in a newspaper several years agow :D
But they maybe never did have the idea there are ICMP types which could
be used for real evil things than just getting an answer back ;)
i would read this crap several times, then think about what made sense,
maybe that will be unsuccessful and then i will be shure there is a
dustbin unterneath your desk.
Roger
On 10/03/2016 12:12, Andre Keller wrote:
Dear fellow SwiNOGers,
in the last few months we had several security audits and all of them
proposed to disable tcp timestamps. (i.e. on Linux
net.ipv4.tcp_timestamps=0). AFAIK roundtrip time calculation in tcp
relies on this and there might be implications for PAWS (tcp sequence
number wrapping).
What do you guys think about this?
Regards
André
_______________________________________________
swinog mailing list
[email protected]
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
_______________________________________________
swinog mailing list
[email protected]
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
