* stefan <[EMAIL PROTECTED]> [040822 13:21]:
> The remote host does not discard TCP SYN packets which have the FIN flag set.
> In my pf.conf have I enabled blocking from invalid combos of TCP flags with
> block in log quick on xl0 inet proto tcp from any to any flags SF/SF
You're using scrub? ("scrub in all" perhaps?)
> Is something wrong with my syntax, miss I something or is this a false positive from
> nessus?
SynFin isn't `bad'. It's just strange ;-) IMHO. YMMV.
regards,
oliver
--
ICQ: 261303843
