So: There couldn't have been any connection to
port 24, because nobody is listening there...
Are you this dense? The whole point is that, say in your example,
port 24 _was_ listening to something on the machine which had your
dynamic IP address before you obtained it. This is why your change
breaks the protections built into TCP.
According to some Phrack (49? - I can't remember) I
read, Microsoft operating systems don't send an ACK+RST.
So they couldn't be scanned in this way - but almost
every Unix. This is sad...
This also explains why M$ OS's typically end up confusing AX.25 and
other long latency link clients. (the same effect is obtained when
servers run TCP stacks which try to cheat the TIME_WAIT state)
Not only is you patch unacceptable, you refuse to listen to those of
us who must consider the needs of everyone who uses the Linux TCP
stack, and the ramifications that such a change will have on the
internet as a whole (ie. the machines Linux's TCP must talk to).
Therefore I'll stop listening to you.
Later,
David S. Miller
davem@dm.cobaltmicro.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/