µ±Ç°Î»ÖãºLinux½Ì³Ì - Linux - µ÷Õû TCP/IP ·À·¶¹¥»÷

µ÷Õû TCP/IP ·À·¶¹¥»÷

·¢ÐÅÈË: sparrow (»Ú?²»»Ú?), ÐÅÇø: NTTech¡¡¡¡¡¡¡¡
±ê¡¡Ìâ: µ÷Õû TCP/IP ·À·¶¹¥»÷
·¢ÐÅÕ¾: BBS ˮľÇ廪վ (Mon Oct 23 01:39:24 2000)

µ÷Õû TCP/IP ·À·¶¹¥»÷¡¡


TCP/IP °²È«ÉèÖÃ
³ýÁËÉÏÊöËùÁгöµÄÉèÖÃÖ®Í⣬¿ÉÒÔÐÞ¸ÄÏÂÁÐÏîÒÔ¸¨Öúϵͳ¸üÓÐЧµØµÖÓù¹¥»÷¡£Çë×¢
Ò⣬ÕâЩÍƼöÖµ¾ö²»ÊÇʹϵͳ²»Êܹ¥»÷£¬¶øÖ»ÔÚÓÚµ÷Õû TCP/IP Õ»·À·¶¹¥»÷¡£ÕâЩ
ÏîµÄÉèÖò¢²»É漰ϵͳÉϵÄÐí¶àÆäËü×é¼þ£¨¿ÉÄܱ»ÓÃÓÚ¹¥»÷ϵͳ£©¡£¶ÔÓÚ×¢²á±íµÄ
Èκθü¸Ä£¬¹ÜÀíÔ±±ØÐë³ä·ÖÁ˽âÕâЩ¸ü¸Ä¶ÔϵͳĬÈϹ¦ÄܵÄÓ°ÏìÒÔ¼°ÔÚËûÃǵĻ·¾³
ÖÐÊÇ·ñÊʵ±¡£¡¡

SynAttackProtect¡¡

Ï TcpipParameters¡¡

ÊýÖµÀàÐÍ£ºREG_DWORD¡¡

ÓÐЧ·¶Î§£º0¡¢1¡¢2¡¡

0£¨Ã»ÓÐ SYN ¹¥»÷±£»¤£©
1£¨Èç¹ûÂú×ã TcpMaxHalfOpen ºÍ TcpMaxHalfOpenRetried ÉèÖ㬼õÉÙÖØ´«ÖØÊÔ´Î
ÊýÓëÑÓ³ÙµÄ RCE£¨Â·ÓÉ»º´æÏ´´½¨¡££©¡¡
2£¨³ý 1 Ö®ÍâµÄÁíÒ»¸ö Winsock ÑÓ³Ùָʾ¡££©¡¡

±¸×¢ µ±ÏµÍ³·¢ÏÖ×Ô¼ºÊܵ½¹¥»÷ʱ£¬ÈκÎÌ×½Ó×ÖÉϵÄÏÂÁÐÑ¡Ïî²»ÔÙÆôÓ㺿ÉËõ·Å´°
¿Ú (RFC 1323) Óëÿ¸öÊÊÅäÆ÷ÉÏÒÑÅäÖà TCP ²ÎÊý£¨³õʼ RTT¡¢´°¿Ú´óС£©¡£ÕâÊÇ
ÒòΪµ±±£»¤ÉúЧʱ£¬ÔÚ·¢ËÍ SYN-ACK ֮ǰ²»ÔÙ²éѯ·ÓÉ»º´æÏ²¢ÇÒÁ¬½Ó¹ý³ÌÖÐ
Winsock Ñ¡Ïî²»¿ÉÓᣡ¡

ĬÈÏÖµ£º 0 (false)¡¡

ÍƼöÖµ£º 2¡¡

˵Ã÷£ºSYN ¹¥»÷±£»¤°üÀ¨¼õÉÙ SYN-ACK ÖØ´«´ÎÊý£¬ÒÔ¼õÉÙ·ÖÅä×ÊÔ´Ëù±£ÁôµÄʱ¼ä
¡£Â·ÓÉ»º´æÏî×ÊÔ´·ÖÅäÑÓ³Ù£¬Ö±µ½½¨Á¢Á¬½ÓΪֹ¡£Èç¹û synattackprotect = 2£¬
Ôò AFD µÄÁ¬½ÓָʾһֱÑÓ³Ùµ½Èý·ÎÕÊÖÍê³ÉΪֹ¡£×¢Ò⣬½öÔÚ TcpMaxHalfOpen¡¡
ºÍ TcpMaxHalfOpenRetried ÉèÖó¬³ö·¶Î§Ê±£¬±£»¤»úÖƲŻá²ÉÈ¡´ëÊ©¡£¡¡

TcpMaxHalfOpen¡¡

Ï TcpipParameters¡¡

ÊýÖµÀàÐÍ£º REG_DWORD - Êý×Ö¡¡

ÓÐЧ·¶Î§£º 100-0xFFFF¡¡

ĬÈÏÖµ£º 100 (Professional¡¢Server)¡¢500 (Advanced Server)¡¡

˵Ã÷£º¸Ã²ÎÊý¿ØÖÆ SYN ¹¥»÷±£»¤Æô¶¯Ç°ÔÊÐí´¦ÓÚ SYN-RCVD ״̬µÄÁ¬½ÓÊýÁ¿¡£Èç
¹û½« SynAttackProtect ÉèΪ 1£¬È·±£¸ÃÊýÖµµÍÓÚÒª±£»¤µÄ¶Ë¿ÚÉÏ AFD ÕìÌýÔ¤±¸
µÄÖµ£¨ÓйØÏêϸÐÅÏ¢£¬²Î¼û¸½Â¼ C ÖеÄÔ¤±¸²ÎÊý£©¡£ÓйØÏêϸÐÅÏ¢£¬Çë²Î¼û¡¡
SynAttackProtect ²ÎÊý¡£¡¡

TcpMaxHalfOpenRetried¡¡

Ï TcpipParameters¡¡

ÊýÖµÀàÐÍ£º REG_DWORD - Êý×Ö¡¡

ÓÐЧ·¶Î§£º 80-0xFFFF¡¡

ĬÈÏÖµ£º 80 (Professional¡¢Server)¡¢400 (Advanced Server)¡¡

˵Ã÷£º¸Ã²ÎÊý¿ØÖÆÔÚ SYN ¹¥»÷±£»¤Æô¶¯Ç°´¦ÓÚ SYN-RCVD ״̬µÄÁ¬½ÓÊýÁ¿£¬¶ÔÓÚ
¸ÃÁ¬½ÓÖÁÉÙÓÐÒ»¸ö SYN ÖØ´«ÒѾ­·¢ËÍ¡£ÓйØÏêϸÐÅÏ¢£¬²Î¼û SynAttackProtect¡¡
²ÎÊý¡£¡¡

EnablePMTUDiscovery¡¡

Ï TcpipParameters¡¡

ÊýÖµÀàÐÍ£ºREG_DWORD - ²¼¶ûÖµ¡¡

ÓÐЧ·¶Î§£º0¡¢1£¨false¡¢true£©¡¡

ĬÈÏÖµ£º 1 (true)¡¡

ÍƼöÖµ£º 0¡¡

˵Ã÷£º½«¸Ã²ÎÊýÉèÖÃΪ 1 (true) ʱ£¬TCP ½«²éÕÒµ½´ïÔ¶³ÌÖ÷»ú·¾¶ÉϵÄ×î´ó´«Êä
µ¥Î»£¨MTU »ò×î´óµÄÊý¾Ý°ü´óС£©¡£Í¨¹ý·¢ÏÖ·¾¶ MTU ²¢½« TCP ×Ö¶ÎÏÞÖƵ½Õâ¸ö
´óС£¬TCP ¿ÉÒÔÏÞÖÆÔÚÁ¬½áµ½²»Í¬µÄ MTU ÍøÂçµÄ·ÓÉÆ÷ÉϵÄËéƬ¡£ËéƬ»áÓ°Ïì¡¡
TCP ÍÌÍÂÁ¿ºÍÍøÂç¶ÂÈû¡£½«Õâ¸ö²ÎÊýÉèÖÃ³É 0£¬»áµ¼ÖÂΪËùÓв»ÔÚ±¾µØ×ÓÍøÉÏÖ÷»ú
Á¬½ÓʹÓà 576 ×Ö½ÚµÄ MTU¡£¡¡

NoNameReleaseOnDemand¡¡

Ï NetbtParameters¡¡

ÊýÖµÀàÐÍ£º REG_DWORD - ²¼¶ûÖµ¡¡

ÓÐЧ·¶Î§£º0¡¢1£¨false¡¢true£©¡¡

ĬÈÏÖµ£º 0 (false)¡¡

ÍƼöÖµ£º 1¡¡

˵Ã÷£º¸Ã²ÎÊýÈ·¶¨µ±ÊÕµ½ÍøÂçµÄÃû³ÆÊÍ·ÅÇëÇóʱ£¬¼ÆËã»úÊÇ·ñÊÍ·ÅÆä NetBIOS Ãû
³Æ¡£Ìí¼Ó¸Ã²ÎÊý£¬¹ÜÀíÔ±¾Í¿ÉÒÔ±£»¤»úÆ÷ÃâÔâ¶ñÒâÃû³ÆÊͷŹ¥»÷¡£¡¡

EnableDeadGWDetect¡¡

Ï TcpipParameters¡¡

ÊýÖµÀàÐÍ£º REG_DWORD - ²¼¶ûÖµ¡¡

ÓÐЧ·¶Î§£º0¡¢1£¨false¡¢true£©¡¡

ĬÈÏÖµ£º 1 (true)¡¡

ÍƼöÖµ£º 0¡¡

˵Ã÷£ºµ±¸Ã²ÎÊýÉèΪ 1 ʱ£¬ÔÊÐí TCP Ö´Ðмä¸ôÍø¹Ø¼ì²â¡£ÆôÓøù¦ÄÜʱ£¬Èç¹û´¦
Àí¶à¸öÁ¬½ÓÓÐÀ§ÄÑʱ£¬TCP ¿ÉÒÔÇëÇó IP ¸Äµ½±¸·ÝÍø¹Ø¡£±¸·ÝÍø¹Ø¿ÉÒÔÔÚ¡°ÍøÂç¿Ø
ÖÆÃæ°å¡±ÖС°TCP/IP ÅäÖᱶԻ°¿òµÄ¡°¸ß¼¶¡±²¿·Ö½øÐж¨Òå¡£ÓйØÏêϸÐÅÏ¢£¬Çë
²Î¼û±¾ÎÄ¡°¼ä¸ôÍø¹Ø¼ì²â¡±Ò»½Ú¡£¡¡

KeepAliveTime¡¡

Ï TcpipParameters¡¡

ÊýÖµÀàÐÍ£ºREG_DWORD - ʱ¼ä£¨ºÁÃ룩¡¡

ÓÐЧ·¶Î§£º 1-0xFFFFFFFF¡¡

ĬÈÏÖµ£º 7,200,000£¨Á½¸öСʱ£©¡¡

ÍƼöÖµ£º300,000¡¡

˵Ã÷£ºÍ¨¹ý·¢Ëͱ£ÁôµÄÊý¾Ý°ü£¬¸Ã²ÎÊý¿ÉÈ·¶¨ TCP Òª¸ô¶à³¤Ê±¼äÑéÖ¤Ò»´ÎÏÐÖÃÁ¬
½ÓÈÔÈÔδ¶Ï¿ª¡£Èç¹ûÔ¶³ÌϵͳÈÔ¿ÉÒÔÁ¬½Ó²¢ÕýÔÚÔËÐУ¬Ëü¾Í»áÈ·Èϱ£Áô´«Ê䡣ĬÈÏ
Çé¿öÏ£¬²»·¢Ëͱ£ÁôÊý¾Ý°ü¡£Ó¦ÓóÌÐò¿ÉÒÔÔÚÁ¬½ÓÉÏÆôÓÃÕâÒ»¹¦ÄÜ¡£¡¡

PerformRouterDiscovery¡¡

Ï TcpipParametersInterfacesinterface¡¡

ÊýÖµÀàÐÍ£ºREG_DWORD¡¡

ÓÐЧ·¶Î§£º0¡¢1¡¢2¡¡

0£¨½ûÓã©
1£¨ÆôÓã©
2£¨½öµ± DHCP ·¢ËÍ·ÓÉÆ÷·¢ÏÖÑ¡ÏîʱÆôÓã©¡¡

ĬÈÏÖµ£º 2£¬DHCP ¿ØÖÆ£¬µ«Ä¬ÈÏÇé¿öÏÂΪ¹Ø±Õ¡£¡¡

ÍƼöÖµ£º 0¡¡

˵Ã÷£º¸Ã²ÎÊý¿ØÖÆ Windows 2000 ÊÇ·ñ¸ù¾Ýÿ¸ö½Ó¿ÚÉ쵀 RFC 1256 Ö´ÐзÓÉÆ÷·¢
ÏÖ¡£Ò²¿É²Î¼û SolicitationAddressBcast