⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 379.html

📁 Jsp精华文章合集,JSP方面各种知识介绍
💻 HTML
📖 第 1 页 / 共 3 页
字号:
🔍
123 
# acting as a router, an attacker may send redirect messages to alter <br># routing tables as part of sophisticated attack (man in the middle <br># attack) or a simple denial of service. <br># The default value is 0 (False). <br># <br>IP_IGNORE_REDIRECT=1 <br><br># <br># ip_ire_flush_interval <br># <br># This option determines the period of time at which a specific route <br># will be kept, even if currently in use. ARP attacks may be effective <br># with the default interval. Shortening the time interval may reduce <br># the effectiveness of attacks. <br># The default interval is 1200000 milliseconds (20 minutes). <br># <br>IP_IRE_FLUSH_INTERVAL=60000 <br><br># <br># ip_respond_to_address_mask_broadcast <br># <br># This options determines whether to respond to ICMP netmask requests <br># which are typically sent by diskless clients when booting. An <br># attacker may use the netmask information for determining network <br># topology or the broadcast address for the subnet. <br># The default value is 0 (False). <br># <br>IP_RESPOND_TO_ADDRESS_MASK_BROADCAST=0 <br><br># <br># ip_respond_to_echo_broadcast <br># <br># This option determines whether to respond to ICMP broadcast echo <br># requests (ping). An attacker may try to create a denial of service <br># attack on subnets by sending many broadcast echo requests to which all <br># systems will respond. This also provides information on systems that <br># are available on the network. <br># The default value is 1 (True). <br># <br>IP_RESPOND_TO_ECHO_BROADCAST=0 <br><br># <br># ip_respond_to_timestamp <br># <br># This option determines whether to respond to ICMP timestamp requests <br># which some systems use to discover the time on a remote system. An <br># attacker may use the time information to schedule an attack at a <br># period of time when the system may run a cron job (or other time- <br># based event) or otherwise be busy. It may also be possible predict <br># ID or sequence numbers that are based on the time of day for spoofing <br># services. <br># The default value is 1 (True). <br># <br>IP_RESPOND_TO_TIMESTAMP=0 <br><br># <br># ip_respond_to_timestamp_broadcast <br># <br># This option determines whether to respond to ICMP broadcast timestamp <br># requests which are used to discover the time on all systems in the <br># broadcast range. This option is dangerous for the same reasons as <br># responding to a single timestamp request. Additionally, an attacker <br># may try to create a denial of service attack by generating many <br># broadcast timestamp requests. <br># The default value is 1 (True). <br># <br>IP_RESPOND_TO_TIMESTAMP_BROADCAST=0 <br><br># <br># ip_send_redirects <br># <br># This option determines whether to send ICMP redirect messages which <br># can introduce changes into remote system's routing table. It should <br># only be used on systems that act as routers. <br># The default value is 1 (True). <br># <br>IP_SEND_REDIRECTS=0 <br><br># <br># ip_strict_dst_multihoming <br># <br># This option determines whether to enable strict destination <br># multihoming. If this is set to 1 and ip_forwarding is set to 0, then <br># a packet sent to an interface from which it did not arrive will be <br># dropped. This setting prevents an attacker from passing packets across <br># a machine with multiple interfaces that is not acting a router. <br># The default value is 0 (False). <br># <br>IP_STRICT_DST_MULTIHOMING=1 <br><br># <br># tcp_conn_req_max_q0 <br># <br># This option determines the size of the queue containing half-open <br># connections. This setting provides protection from SYN flood attacks. <br># Solaris 2.6 and 7 (and 2.5.1 with patch 103582-12 and higher) include <br># protection from these attacks. The queue size default is adequate for <br># most systems but should be increased for busy Web servers. <br># The default value is 1024. <br># <br>TCP_CONN_REQ_MAX_Q0=4096 <br><br># Process the argument. 'stop' ignored. <br>case "$1" in <br>'start') <br><br># set the appropriate network options <br>ndd -set /dev/arp arp_cleanup_interval \ <br>$ARP_CLEANUP_INTERVAL <br>ndd -set /dev/ip ip_forward_directed_broadcasts \ <br>$IP_FORWARD_DIRECTED_BROADCASTS <br>ndd -set /dev/ip ip_forward_src_routed \ <br>$IP_FORWARD_SRC_ROUTED <br>ndd -set /dev/ip ip_ignore_redirect \ <br>$IP_IGNORE_REDIRECT <br>ndd -set /dev/ip ip_ire_flush_interval \ <br>$IP_IRE_FLUSH_INTERVAL <br>ndd -set /dev/ip ip_respond_to_address_mask_broadcast \ <br>$IP_RESPOND_TO_ADDRESS_MASK_BROADCAST <br>ndd -set /dev/ip ip_respond_to_echo_broadcast \ <br>$IP_RESPOND_TO_ECHO_BROADCAST <br>ndd -set /dev/ip ip_respond_to_timestamp \ <br>$IP_RESPOND_TO_TIMESTAMP <br>ndd -set /dev/ip ip_respond_to_timestamp_broadcast \ <br>$IP_RESPOND_TO_TIMESTAMP_BROADCAST <br>ndd -set /dev/ip ip_send_redirects \ <br>$IP_SEND_REDIRECTS <br>ndd -set /dev/ip ip_strict_dst_multihoming \ <br>$IP_STRICT_DST_MULTIHOMING <br>ndd -set /dev/tcp tcp_conn_req_max_q0 \ <br>$TCP_CONN_REQ_MAX_Q0 <br>;; <br><br>'stop') <br>;; <br><br>'show') <br>echo "Currently unimplemented." <br>;; <br><br>*) <br>echo "Usage: $0 { start | stop | show }" <br>exit 1 <br>;; <br>esac <br><br>exit 0 <br><br><br><br>参考资料 <br>Sun Blueprints 1999 <br>TITAN tools <br><br>中联绿盟信息技术有限公司 <a href="http://www.nsfocus.com" target=_blank>http://www.nsfocus.com</a> <br>deepin (deepin@nsfocus.com) 2000/9/28 <br><br>阅读2次 <br><br>来源:中联绿盟<br> <br> <br> <br><br> <br></p></td>
  </tr>
</table>

<p>
<CENTER><a href="http://www.jsp001.com/forum/newreply.php?action=newreply&threadid=379">点这里对该文章发表评论</a></CENTER>
<p>该文章总得分是 <font color=red>0</font> 分,你认为它对你有帮助吗?
				[<a href=javascript:void(0) onclick=window.open("http://www.jsp001.com/forum/codeVote.php?threadid=379&intVote=4","","menubar=no,toolbar=no,location=no,directories=no,status=no,resizable=no,scrollbars=no,width=70,height=40,top=0,left=0")>非常多</a>](<font color=red>0</font>) 
				[<a href=javascript:void(0) onclick=window.open("http://www.jsp001.com/forum/codeVote.php?threadid=379&intVote=2","","menubar=no,toolbar=no,location=no,directories=no,status=no,resizable=no,scrollbars=no,width=70,height=40,top=0,left=0")>有一些</a>](<font color=red>0</font>) 
				[<a href=javascript:void(0) onclick=window.open("http://www.jsp001.com/forum/codeVote.php?threadid=379&intVote=1","","menubar=no,toolbar=no,location=no,directories=no,status=no,resizable=no,scrollbars=no,width=70,height=40,top=0,left=0")>无帮助</a>](<font color=red>0</font>) 
				[<a href=javascript:void(0) onclick=window.open("http://www.jsp001.com/forum/codeVote.php?threadid=379&intVote=-1","","menubar=no,toolbar=no,location=no,directories=no,status=no,resizable=no,scrollbars=no,width=70,height=40,top=0,left=0")>是灌水</a>](<font color=red>0</font>) </p>
<script language="javascript" src="http://www.jsp001.com/include/read_thread_script.php?threadid=379"></script>
<p><CENTER>
Copyright &copy; 2001 - 2009 JSP001.com . All Rights Reserved <P>

<IMG SRC="../image/jsp001_small_logo.gif" WIDTH="85" HEIGHT="30" BORDER=0 ALT="">
</CENTER></p>

</body>
</html>
123

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -