|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: TCP/IP Stack Hardening
From: Tod Beardsley (todb
planb-security.net)
Date: Fri Dec 19 2003 - 17:11:56 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hoffmann, Aran wrote:
> The results? Crappy network performance and file transfer timeouts
> but boy were we secure. As soon as we removed the hardening the
> network performance problems went away.
Systematic troubleshooting would have likely solved your timeout
problems. The majority of these keys won't have a lot of / any impact
on normal network performance, all things being equal. Incidentally,
changing some key defaults will not only quote-secure-unquote your
stack, but will also stymie pretty much every TCP-based OS
profiler/fingerprinter around. Which is cool.
--
"It's okay to yell 'fire' in a crowded theater
if the theater is actually on fire."
Tod Beardsley | www.planb-security.net
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]