[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: (OT kinda) Newly-discovered TCP flaw

The way to do it is to put the line:

net.ipv4.tcp_challenge_ack_limit = 999999999

in a file in the /etc/sysctl.d directory named xxx.conf (replace xxx with your
preferred name).

Then run "sysctl -p xxx.conf" and the new value is installed in the kernel
tree.  My system had a value of 100 before I changed it.  At boot the file will
be read so the new value will be used then also.


Check what is there now with:

sysctl -a | grep net.ipv4.tcp_challenge_ack_limit

You should see 999... after you run the sysctl -p command.

When the kernel is fixed then you just need to delete the xxx.conf file and the
next boot the default value will get used.

...Bob
Reply to: