Date: Tue, 4 Oct 2005 17:57:33 -0400
From: Willie Wong
To: gentoo-security@lists.gentoo.org
Subject: Re: [gentoo-security] RE: port knocking
Message-ID: <20051004215733.GA22609@princeton.edu>
In-Reply-To: <4342E6AA.7060003@mci.com>

On Tue, Oct 04, 2005 at 04:31:38PM -0400, Dan Gregory wrote:
> > -A PREROUTING -m ttl --ttl-eq 202 -j ACCEPT
> >
> > echo 204 > /proc/sys/net/ipv4/ip_default_ttl
>
> 202 != 204?
>
> Is this a typo?
>

Thought so first, but remember that each time a router touches it the
ttl gets decreased. So if the linux routing box is two hops away from
the laptop (which is likely if he has a separate wireless router
dedicated to such use) the difference of two would be the right
solution. :)

W
--
"What the hell, he thought, you're only young once, and threw himself
out of the window. That would at least keep the element of surprise on
his side."
  - Ford outwitting a Vogon with a rocket launcher by going into
    another certain death situation.
Sortir en Pantoufles: up 54 days, 58 min
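
The TTL arithmetic described in this message, as an added example that is not part of the original e-mail: a constructed IPv4 header is passed through a number of forwarding routers and the quoted `--ttl-eq 202` test is applied to what arrives. The addresses, function names and the `routers_before_filter` parameter are assumptions for illustration; the match is evaluated on the TTL as received, before the filtering box's own forwarding decrement.

```python
import struct

def checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's-complement sum of 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(ttl: int, src: bytes, dst: bytes) -> bytes:
    """Minimal 20-byte IPv4 header (no options, no payload), protocol TCP."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 6, 0, src, dst)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

def forward(header: bytes):
    """What a router does when forwarding: decrement TTL, refresh checksum.
    Returns None when the TTL is used up and the packet is dropped."""
    ttl = header[8]
    if ttl <= 1:
        return None
    hdr = header[:8] + bytes([ttl - 1]) + header[9:10] + b"\x00\x00" + header[12:]
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

def ttl_at_filter(initial_ttl: int, routers_before_filter: int):
    """TTL the filtering box sees on arrival, or None if dropped en route."""
    # Constructed sample addresses from the documentation ranges.
    pkt = build_header(initial_ttl, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 1]))
    for _ in range(routers_before_filter):
        pkt = forward(pkt)
        if pkt is None:
            return None
        assert checksum(pkt) == 0  # a valid header sums to zero
    return pkt[8]

def ttl_eq_matches(initial_ttl: int, routers_before_filter: int, ttl_eq: int) -> bool:
    """Outcome of the quoted `-m ttl --ttl-eq N` test at the filtering box."""
    return ttl_at_filter(initial_ttl, routers_before_filter) == ttl_eq

if __name__ == "__main__":
    # ip_default_ttl = 204 on the sender, rule expects 202 at the filter.
    for hops in range(0, 4):
        print(hops, ttl_at_filter(204, hops), ttl_eq_matches(204, hops, 202))
```

Only the two-router path satisfies the rule; any change in the path length between the laptop and the filtering box makes the same packet miss the match.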