Message: previous - next
Month: August 2016

Re: (OT kinda) Newly-discovered TCP flaw

From: Gene Heskett <gheskett@...>
Date: Thu, 11 Aug 2016 13:50:14 -0400
On Thursday 11 August 2016 12:47:09 Nicolas George wrote:
CC:ing emc-developers, and trinity-users who may not yet be aware of this 
tcp attack vector thats quite dangerous. And my post to trinity-users 
was in error, so this corrects it.

> Le quintidi 25 thermidor, an CCXXIV, Gene Heskett a écrit :
> > to add should be changed to forward slashes:
> You are wrong, sysctl supports both slashes and dots as separators.
> Regards,

I changed it back Nicolas, and sysctl -p now returns:
root@coyote:/etc/init.d# sysctl -p
sysctl: cannot stat /proc/sys//net.ipv4.tcp_challenge_ack_limit: No such 
file or directory

Put the slashes back and I get this:
root@coyote:/etc/init.d# sysctl -p
.net.ipv4.tcp_challenge_ack_limit = 999999999

Which  I assume is the correct response.  And yet the echo shows all 

WTH?  Ahh, my bad, no damned biscuit, an extra leading slash snuck in. 
But if a dot and a slash are the same to sysctl, I should have a file in 
the wrong place? But I do not. /net is empty. It is in the right place 
now. And cats the correct value.

Sorry about the confusion everybody.

Cheers, Gene Heskett
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <>