Re: Network security

To: debian-security@lists.debian.org
Subject: Re: Network security
From: Tollef Fog Heen <tollef@add.no>
Date: 08 Mar 2001 16:13:15 +0100
Message-id: <[🔎] 87u2542t10.fsf@manon.intern.opera.no>
In-reply-to: <[🔎] 20010308150942.B1667@paul.friendly>
References: <[🔎] 20010308150942.B1667@paul.friendly>

* 

| This error is taken from a firewall branded "Raptor" or something.
| Is the 2.4.2 kernel's TCP/IP stack non-standard, the firewall just plain
| stupid, or is there a security problem somewhere??

Have you chosen to use 'Explicit Congestion Notification' when you
compiled the kernel?  If so, many firewalls and routers drop packages
with this set.  It bit me, and I couldn't find out what it was - look
at whether /proc/sys/net/ipv4/tcp_ecn contains a 0 (which works here),
or a 1 (which causes some problems).

</wild guess>

-- 

Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.

Reply to:

Follow-Ups:
- Re: Network security
  - From: pf@csite.com

References:
- Network security
  - From: pf@csite.com

Prev by Date: Network security
Next by Date: Re: Network security
Previous by thread: Network security
Next by thread: Re: Network security
Index(es):
- Date
- Thread