Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPChains question (SOLVED)

Mike Bilow wrote:
> Actually, ssh usually exchanges periodic "keepalive" packets to detect if
> the other end has gone away.  If the ipchains timeout is set long enough,
> the ssh keepalive packets should prevent a timeout even if nothing happens
> in the tail or top windows.

Perhaps someone else can elaborate even further on this, but I've been reading
up on "port hijacking".  Apparently, after a TCP connection completes, the
port remains open for a timeout-period during which, an intruder can exploit
various attacks to gain access or execute DOS (Denial of Service).

At any rate, to my understanding one of the DNS exploits is based on this.

I would think that making your gloabal timeouts larger is counter productive
and it might be wiser to shorten the SSH keep-alive heartbeats...

Comments?  Or am I completely off base...

- Christoph

Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at (Subject line is ignored).

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /