North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Max TNT ping thing

  • From: Andy Walden
  • Date: Wed Sep 10 16:46:52 2003

Drew,

I believe this was the last message about it. Basically, put on all of
your filters on all interfaces for both worms, play with the cache as
indicated below and make sure you are running later code. At least 9.0.0.9
if I recall if not TAOS 10+.

andy
--
PGP Key Available at http://www.tigerteam.net/andy/pgp

On Sat, 30 Aug 2003, Edward Murphy wrote:

> Geo. said:
> > > Tonight we either made to double checked the following parameters and the
> > > problem seems to have cleared up:
> > >
> > > iproute-cache-enable = yes
> > > ipport-cache-enable = yes
> > > suppress-host-routes = no
> > > iproute-cache-size = 1500
> > > ignore-icmp-redirects = yes
> > > icmp-reply-directed-bcast = no
> > > send-icmp-dest-unreachable = no
> > > tcp-syn-flood-protect = yes
> >
> > I just checked and we had:
> >
> >  iproute-cache-size = 50
> >  send-icmp-dest-unreachable = yes
> >  tcp-syn-flood-protect = no
> >
> > and our box has been staying up just fine. I just modified the last two in
> > order to see if that does anything different. the iproute-cache-size of 50 I
> > decided to leave alone because I figure that depends on how much memory you
> > have and I don't know how your box compares to ours in that respect.