TTL

Roman Neuhauser neuhauser at bellavista.cz
Thu Jan 16 11:47:46 CET 2003

Previous message: TTL
Next message: http://www.mrunix.net/webalizer/
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

# dan at obluda.cz / 2003-01-06 00:20:02 +0100:
> Josef Hrabec wrote, On 01/06/03 00:08:
> >pri pruchodu icmp paketu routerem se vzdy snizi jeho TTL o jednicku -
> >nevite, zda-li a jak lze nastavit jadro, aby hodnotu TTL nesnizilo?
> 
> 	Pouze pro ICMP pakety to nelze. Pokud je jadro prelozeno s 
> 	IPSTEALTH, pak lze nastavenim jedne sysctl promenne (jemno si z hlavy 
> nepamatuju, v pripade potrebu zjistim) zajistit, ze router TTL nesnizuje 
> vubec pro zadne pakety.

    roman at freepuppy ~ 1003:0 > sysctl -a|grep ttl
    net.inet.ip.ttl: 64
    net.inet.ipf.fr_ipfrttl: 120
    net.inet.ipf.fr_minttl: 3
    net.inet.ipf.fr_minttllog: 1
    roman at freepuppy ~ 1004:0 > sysctl -a|grep stealth 
    net.inet.ip.stealth: 0
    roman at freepuppy ~ 1005:0 > 

    s ipfilter by to jit melo:

    http://www.obfuscation.org/ipf/ipf-howto.html#TOC_28

    block in quick on xl0 fastroute proto icmp from any to any

-- 
If you cc me or remove the list(s) completely I'll most likely ignore
your message.    see http://www.eyrie.org./~eagle/faqs/questions.html

Previous message: TTL
Next message: http://www.mrunix.net/webalizer/
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list