February 23rd, 2017 06:00

changing IP TTL

What does it take to change the default IP TTL?

e.g.

node-1# sysctl net.inet.ip.ttl

net.inet.ip.ttl: 64

node-1#

I believe this involves adding the following to /etc/sysctl.conf

net.inet.ip.ttl=10

What we're trying to do is to apply "hop sphere hardening", i.e. to harden against the (rare) situation in which a OneFS cluster is compromised by a malicious party.  If the cluster emits IP frames with a low TTL, then it cannot be used as a DoS platform, nor can data be copied off it to a distant location.

?

--sk
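As an added example (not from this thread or from OneFS itself), the following POSIX shell helpers show the two halves of the question above: reading the value out of the "key: value" line that `sysctl net.inet.ip.ttl` prints, and persisting a new value in a sysctl.conf-style file without leaving a duplicate line behind. The file path is a parameter so the helpers can be tried on a scratch copy; the function names and the 1..255 range check (the IP TTL is a one-byte field) are this example's own, and applying the setting cluster-wide is OneFS-specific (see the KB referenced below in the thread).

```shell
#!/bin/sh
# Added example: helpers for inspecting and persisting the FreeBSD/OneFS
# "net.inet.ip.ttl" sysctl. Names and structure are assumptions of this
# example, not OneFS tooling.

TTL_KEY="net.inet.ip.ttl"

# re_escape STRING -> the string with '.' escaped for use in a sed/grep regex
re_escape() {
    printf '%s' "$1" | sed 's/\./\\./g'
}

# parse_ttl LINE -> prints the integer from a line such as
# "net.inet.ip.ttl: 64" (the format shown by `sysctl` in the thread);
# prints nothing if the line is for a different key or is malformed.
parse_ttl() {
    key_re=$(re_escape "$TTL_KEY")
    printf '%s\n' "$1" |
        sed -n "s/^${key_re}:[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p"
}

# validate_ttl N -> returns 0 if N is an integer in 1..255, 1 otherwise.
# The TTL is a one-byte header field, so anything outside that range is
# rejected before it reaches sysctl.
validate_ttl() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 255 ]
}

# get_conf_value KEY FILE -> prints the value of the last "KEY=VALUE" line
# in FILE (spaces around '=' tolerated), or nothing if KEY is absent.
get_conf_value() {
    key_re=$(re_escape "$1")
    sed -n "s/^[[:space:]]*${key_re}[[:space:]]*=[[:space:]]*\(.*\)$/\1/p" "$2" |
        tail -n 1
}

# set_sysctl_conf KEY VALUE FILE -> ensures FILE contains exactly one
# "KEY=VALUE" line: any existing assignment for KEY is dropped and the new
# one appended, so repeated runs do not pile up duplicates.
set_sysctl_conf() {
    key=$1; value=$2; file=$3
    key_re=$(re_escape "$key")
    tmp="${file}.tmp.$$"
    touch "$file"
    # grep -v exits 1 when it selects no lines (e.g. empty file); that is fine.
    grep -v "^[[:space:]]*${key_re}[[:space:]]*=" "$file" > "$tmp" || true
    printf '%s=%s\n' "$key" "$value" >> "$tmp"
    mv "$tmp" "$file"
}

# Demo on a scratch file (constructed input): run as `sh ttl.sh demo`.
if [ "${1:-}" = "demo" ]; then
    scratch=$(mktemp)
    printf 'kern.maxfiles=10000\nnet.inet.ip.ttl = 64\n' > "$scratch"
    echo "parsed from sysctl output: $(parse_ttl 'net.inet.ip.ttl: 64')"
    new_ttl=10
    if validate_ttl "$new_ttl"; then
        set_sysctl_conf "$TTL_KEY" "$new_ttl" "$scratch"
        echo "persisted value: $(get_conf_value "$TTL_KEY" "$scratch")"
        echo "--- $scratch ---"; cat "$scratch"
    fi
    rm -f "$scratch"
fi
```

Running the demo against a scratch file is a useful check before touching the live configuration: a value that fails `validate_ttl` never reaches the file, and a second run replaces the earlier `net.inet.ip.ttl` line rather than adding another one.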

4 Operator

1.2K Posts

February 23rd, 2017 20:00

Not commenting on that specific plan, but KB 462759 describes how to set cluster-wide sysctls in OneFS.


-- Peter


2 Intern

300 Posts

February 24th, 2017 01:00

Tuning the IP TTL to prevent data steals... wow... and I thought my paranoia level was high.

February 24th, 2017 02:00

Ah, KB 462759 is what I wanted, thank you.

You know, I would claim that this isn't entirely paranoia ... I work at a non-profit, and we just aren't particularly concerned about security (nothing to steal). What concerns us a little more relates to DoS -- someone swamping our Internet links using the cluster as a DoS platform (consider the DNS vulnerability of some years ago, in which OneFS clusters ... and plenty of other platforms ... were hijacked to send streams of DNS frames at targets ... even a small cluster combined with a fat Internet pipe makes a *fabulous* DoS platform). Or, someone imagining that the data on our cluster would be useful to them, copying it off, and swamping our outbound Internet pipe in the process. This IP TTL mod limits the radius of damage.

That being said, the global value of shrinking IP TTL would be, I suspect, found in applying this to Internet of Things devices ... rather than to low-volume boxes like OneFS clusters.

Anyway, has anyone else considered doing this? Or am I actually breaking ground here?

--sk

2 Intern

300 Posts

February 24th, 2017 06:00

This scenario only works if your Isilon DNS (or any other DNS) is reachable from the Internet (replay attack). OR (and this is even worse) if the Isilon were hijacked. Even if you are not concerned about security, I would want to prevent the cause and not the symptoms.

But that's none of my business

Rgds

--sluetze

February 24th, 2017 15:00

Yes, I think you're pointing out a relevant point -- tweaking the IP TTL would (ideally!) just be a minor step in any set of defense-in-depth efforts.
