Results 1 to 2 of 2

Thread: TCP Optimizer and Nessus Warning

  1. #1
    xaros2000
    Guest

    Question TCP Optimizer and Nessus Warning

    Hello to All-Just downloaded TCP Optimizer 2.0.1 and applied the recommended "Optimized" settings on my system:Performance is simply GREAT-A big THANKS to all the coders that came up with this software...

    Then,I ran Nessus (actually NeTW,the windows version of Nessus-http://www.tenablesecurity.com/products/newt.shtml),
    just to see if any significant security changes occured.
    It came up with this new info:
    SYN Scan - Nessus plugin ID 11219
    This plugin performs a supposedly fast SYN port scan.
    It does so by computing the RTT (round trip time) of the packets
    coming back and forth between the nessusd host and the target,
    then it uses that to quicky send SYN packets to the remote host.

    So,what i'm asking here{'cause i'm not a TCP genious ;-)},
    is someone kind enough to tell me:Should i reduce the RTT?If yes,how?What exactly should i change in TCP Optimizer or directly in the Registry to avoid this security warning?

    In case someone needs to examine it,this was my configuration just before running the suggested 'Optimized" settings:
    (Running XP Pro SP1 and SpeedTouch 530,PPPoE,384 Kbs)
    TCP/IP Parameters:
    "ForwardBroadcasts"=dword:00000000
    "IPEnableRouter"=dword:00000000
    "Domain"=""
    "Hostname"="*****"
    "SearchList"=""
    "UseDomainNameDevolution"=dword:00000001
    "EnableICMPRedirect"=dword:00000001
    "DeadGWDetectDefault"=dword:00000001
    "DontAddDefaultGatewayDefault"=dword:00000000
    "EnableSecurityFilters"=dword:00000000
    "SynAttackProtect"=dword:00000002
    "TcpMaxHalfOpen"=dword:00000040
    "TcpMaxHalfOpenRetried"=dword:00000032
    "TcpMaxPortsExhausted"=dword:00000005
    "TcpMaxConnectResponseRetransmissions"=dword:00000002
    "TcpMaxDataRetransmissions"=dword:00000003
    "EnablePMTUDiscovery"=dword:00000001
    "KeepAliveTime"=dword:000493e0
    "EnableICMPRedirects"=dword:00000000
    "EnableDeadGWDetect"=dword:00000000
    "DisableIPSourceRouting"=dword:00000000
    "EnableFragmentChecking"=dword:00000001
    "EnableMulticastForwarding"=dword:00000000
    "EnableAddrMaskReply"=dword:00000000
    "TcpTimedWaitDelay"=dword:0000005a
    "DhcpNameServer"="10.0.0.138"
    "DhcpDomain"="lan"
    ------------------
    AFD Parameters:
    "EnableDynamicBacklog"=dword:00000001
    "MinimumDynamicBacklog"=dword:00000014
    "MaximumDynamicBacklog"=dword:00004650
    "DynamicBacklogGrowthDelta"=dword:00000008
    "DisableAddressSharing"=dword:00000001
    ------------------

    Again,thanks in advance for any reply...

  2. #2
    fem the retarded rabbit mccoffee's Avatar
    Join Date
    Nov 2001
    Location
    Cleveland, Ohio, United States
    Posts
    13,365
    you can't change the rtt time that is all controled by the routes from your host to that site
    Comptia a+ n+

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •