3 Oct
1996
3 Oct
'96
3:57 a.m.
Nevermind the 'clear the sockets thing' I just attack an inetd port and then kill inetd and they go away, which allows me to work faster in the lab. I guess my real question to someone who is more familiar with 'RFC' history is the same as the last post... Why when an attacked host sends a SYN,ACK to an UNREACHABLE destination does the SYN,ACK just go down a black hole without an ICMP message to the originator, when I use 0.0.0.4 as a spoofed address? Shouldn't this be covered in an RFC somewhere as something that must happen? The reason I ask is obvious.... if I could get the error message I could have tcp_err() do some quick and dirty cleaning of the queue (and at least have a piece of this puzzle in place..) Thanks, Tim