 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
Mike Bilow wrote: > Actually, ssh usually exchanges periodic "keepalive" packets to detect if > the other end has gone away. If the ipchains timeout is set long enough, > the ssh keepalive packets should prevent a timeout even if nothing happens > in the tail or top windows. > Perhaps someone else can elaborate even further on this, but I've been reading up on "port hijacking". Apparently, after a TCP connection completes, the port remains open for a timeout-period during which, an intruder can exploit various attacks to gain access or execute DOS (Denial of Service). At any rate, to my understanding one of the DNS exploits is based on this. I would think that making your gloabal timeouts larger is counter productive and it might be wiser to shorten the SSH keep-alive heartbeats... Comments? Or am I completely off base... - Christoph - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
