FreeBSD && TCP stealth

Matthias Apitz guru at
Mon Oct 20 07:25:33 UTC 2014


Is there any work started or in progress to implement TCP stealth in our
kernel as proposed to IETF in

The idea is that the client put some magic value in the ISN of the first
SYN pkg which is derived from a secret the client and the server share.
The server can check the ISN and decide if it will answer the SYN pkg or
do a RST, for example. 

Vy 73

Matthias Apitz               |  /"\   ASCII Ribbon Campaign:
E-mail: guru at     |  \ /   - No HTML/RTF in E-mail
WWW: |   X    - No proprietary attachments
phone: +49-170-4527211       |  / \   - Respect for open standards

More information about the freebsd-current mailing list