Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Mac OS/X to reject RST and DoS

Seth David Schoen schoen at
Tue Dec 25 09:26:11 PST 2012

pacificboy writes:

> Does anyone know of any Mac OS/X software programs that would stop RST and DoS that are injected in the internet in places like China and its GFW?

You could make a firewall ignore some RSTs, but assuming the ISP injects
resets in both directions, the RST that the ISP sends to the _other party_
will be sufficient to close the connection.  (If either end of a TCP
connection receives a RST ostensibly from the other end, it will disconnect.
So it's not enough for you to ignore the RST; the machine that you're talking
to would also need to ignore it.)

For more information on ISP packet spoofing, see

Seth Schoen  <schoen at>
Senior Staff Technologist             
Electronic Frontier Foundation        
454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107

More information about the liberationtech mailing list