| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 4 Nov 2012 01:25:13 +0100 (CET) From: Jan Engelhardt <jengelh@...i.de> To: Eric Dumazet <eric.dumazet@...il.com> cc: Vincent Li <vincent.mc.li@...il.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org> Subject: Re: Disable tcp MSS option in three way handshake? On Friday 2012-10-26 00:42, Eric Dumazet wrote: >On Thu, 2012-10-25 at 15:27 -0700, Vincent Li wrote: >> >> this sounds crazy, we have a weird situation that an unknown tcp >> implementation not putting tcp MSS option in the SYN/ACK which caused >> us some issue. I am tasked to mimic the unknown tcp immplementation on >> not sending MSS in tcp SYN/ACK, I am wondering if I can achieve that >> by modifying linux kernel tcp code, there is socket option >> TCP_MAXSEG, but that seems only affecting the size of MSS, not >> removing the MSS option. do you have any pointer on how to do that in >> kernel tcp code? > >You'll have to patch the code. > >Or else, you could add a new feature to net/netfilter/xt_TCPMSS.c Or you could just use -j TCPOPTSTRIP. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists