On Thursday 11 August 2016 15:44:24 Doug wrote:
On 08/11/2016 12:50 PM, Gene Heskett wrote:
On Thursday 11 August 2016 12:47:09 Nicolas George wrote: CC:ing emc-developers, and trinity-users who may not yet be aware of this tcp attack vector thats quite dangerous. And my post to trinity-users was in error, so this corrects it.
Le quintidi 25 thermidor, an CCXXIV, Gene Heskett a écrit :
to add should be changed to forward slashes:
You are wrong, sysctl supports both slashes and dots as separators.
Regards,
I changed it back Nicolas, and sysctl -p now returns: root@coyote:/etc/init.d# sysctl -p sysctl: cannot stat /proc/sys//net.ipv4.tcp_challenge_ack_limit: No such file or directory
Put the slashes back and I get this: root@coyote:/etc/init.d# sysctl -p .net.ipv4.tcp_challenge_ack_limit = 999999999
Which I assume is the correct response. And yet the echo shows all dots.
WTH? Ahh, my bad, no damned biscuit, an extra leading slash snuck in. But if a dot and a slash are the same to sysctl, I should have a file in the wrong place? But I do not. /net is empty. It is in the right place now. And cats the correct value.
Sorry about the confusion everybody.
Cheers, Gene Heskett
Running PCLOS. I put in the original command with dots. When I run sysctl.p from a root environment I get no response, but no error either. Don't know the significance of that.
--doug
Neither do I Doug, sorry. See the announcement on /. today & read the link to the post from the guys that found it that is in the story, UCsomething IIRC, see below. A closer read may answer it.
https://ucrtoday.ucr.edu/39030
And please keep things like this on the list you read it from. A PM is unfair to the other readers of the list you read it on, so I'll cc the three lists it was cross posted to as it sounds pretty serious to me.
And I just noted that the sysctl command you quoted above is incorrect, its sysctl -p, not sysctl.p.
Maybe that helps?
Cheers, Gene Heskett