Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Mac OS/X to reject RST and DoS

Seth David Schoen schoen at eff.org
Tue Dec 25 09:26:11 PST 2012


pacificboy writes:

> Does anyone know of any Mac OS/X software programs that would stop RST and DoS that are injected in the internet in places like China and its GFW?

You could make a firewall ignore some RSTs, but assuming the ISP injects
resets in both directions, the RST that the ISP sends to the _other party_
will be sufficient to close the connection.  (If either end of a TCP
connection receives a RST ostensibly from the other end, it will disconnect.
So it's not enough for you to ignore the RST; the machine that you're talking
to would also need to ignore it.)

For more information on ISP packet spoofing, see

https://www.eff.org/sites/default/files/packet_injection_0.pdf

-- 
Seth Schoen  <schoen at eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107



More information about the liberationtech mailing list