Computer Tips -Tech Info

Tag: TCP

  • UDP problem…

    I found a peculiar problem while I was setting up an openvpn link the other day. The goal was a simple shared key setup and I started with the sample configuration and modified it a bit to fit the circumstances, I allowed the correct UDP port through the firewall (I think 1194 if I recall correctly) and … it didn’t work. So…. I started over and worked from empty config files and put in the bare minimums… it still didn’t work – no appearance that it was making the connection at all to negotiate the link. I double and triple checked the firewall config/restarted it… nothing Then I decided to try TCP instead of a UDP port. Changed the firewall config to allow the TCP traffic on 1194, adjusted the server and client config and lo and behold it worked. The firewall in question….

    (more…)

  • The great firewall of China

    The great firewall of China may be just an illusion in technical terms. This article describes the details of how things work…. Basically when “banned content” is detected, both ends of the connection are sent a flood of tcp reset packets. Which (if both sides are designed to pay attention to) means that the two computers “hang up” assuming the other side reset the connection. But, while most current PC operating systems obey the reset packets…. it’s not something that is imperative. (You might think of this as a targeted/surgical denial of service attack using TCP reset packets…) The article goes a bit deeper though….

    (more…)

  • Ping not working? try ARP

    I’ll confess to having a lot to learn about IP ethernet networking. I feel pretty comfortable with basic TCP/IP (v4), the concept of UDP vs. TCP ports, ICMP pings, etc… but ARP is something that I haven’t dabbled much with. It is, of course, a layer that TCP depends on. When a machine sends a packet to another machine, it sends an arp packet out to “discover” the hardware (MAC) address of the machine on the other end, so ARP underlies everything. These days ICMP is many times blocked by firewall rules. The default with XP’s software firewall is to block ICMP pings for instance.

    (more…)

  • Esbot and Zotob updates….

    Wednesday afternoon and Esbot is up to revision .B, Zotob is up to G according to Sarc (Symantec antivirus research). They have appropriate removal tools and details on affected systems there. Meanwhile the Sans institute (incidents.org) has a rundown of the latest in todays handlers diary.

    (more…)