On Tue, Dec 10, 2002 at 01:42:10PM -0500, Brass, Phil (ISS Atlanta) wrote: > One of the problems I have found in this arena is that many hosts > (windows particularly) cannot hold open more than about 5000 > simultaneous TCP connections. I know some unices have similar problems, > though my understanding is that it is possible to frob the BSD kernel at > least to get at least 40,000 simultaneous connections. That is all very > well and good, but unless there are enough target machines behind the > firewall to handle that many connections, or you get to run your own > listener on another frobbed box on the inside, you aren't going to be > able to hold open that many connections. > Hi, Many open connections can be simulated with my ftester tool (http://ftester.sourceforge.net), basically you use two packet injectors (one sniffing the traffic generated by the other side) and you let the firewall see a valid handshake and session. In this way you don't have the simultaneous connections problem since the packets are injected and not handled by the stack. Of course you need at least two hosts, one on each side of the firewall. Hope that helps :) Bye ------------------------------------------------------------ INFIS Network Administrator & Security Officer .*. Department of Physics - University of Trieste /V\ lcarsat_private - PGP Key 0x8E21FE82 (/ \) ---------------------------------------------------- ( ) "How would you know I'm mad?" said Alice. ^^-^^ "You must be,'said the Cat,'or you wouldn't have come here." ------------------------------------------------------------ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Wed Dec 11 2002 - 08:27:02 PST