> On 11 Mar 2016, at 11:40, Robert Meyer wrote:
>
> Hi,
>
>> Furthermore ICMP is _mandatory_ for MTU path discovery to work. So be ready
>> for all kind of non functioning stuff if you transfer larger packets than
>> the MTU somewhere in the middle (such as trying to
Hi,
> Furthermore ICMP is _mandatory_ for MTU path discovery to work. So be ready
> for all kind of non functioning stuff if you transfer larger packets than the
> MTU somewhere in the middle (such as trying to squeeze a 1500 byte ethernet
> packet into a IPSec tunnel with a MTU around 1426).
> On 11 Mar 2016, at 01:33, Roger wrote:
>
> Hi Swinogers
> well maybe the same experts where asked for an expertise from AVM for the
> new Firmware upgrade on the router products this days.
> They proudly announced to have a Stealthmode implemented, which of corse is
> just
Hi Swinogers
well maybe the same experts where asked for an expertise from AVM for
the new Firmware upgrade on the router products this days.
They proudly announced to have a Stealthmode implemented, which of corse
is just a drop of ICMP Requests, which user find Evil because someone
told
nog.ch [mailto:swinog-boun...@lists.swinog.ch] Im
Auftrag von Andre Keller
Gesendet: Donnerstag, 10. März 2016 17:12
An: swinog@lists.swinog.ch
Betreff: [swinog] TCP timestamps
Dear fellow SwiNOGers,
in the last few months we had several security audits and all of them proposed
to disable tcp time
❦ 10 mars 2016 17:12 +0100, Andre Keller :
> in the last few months we had several security audits and all of them
> proposed to disable tcp timestamps. (i.e. on Linux
> net.ipv4.tcp_timestamps=0). AFAIK roundtrip time calculation in tcp
> relies on this and there might be
On 2016-03-10 17:12, Andre Keller wrote:
> Dear fellow SwiNOGers,
>
> in the last few months we had several security audits and all of them
> proposed to disable tcp timestamps.
Did they also state why? :)
> (i.e. on Linux
> net.ipv4.tcp_timestamps=0). AFAIK roundtrip time calculation in tcp
>
7 matches
Mail list logo