Amer Networks E5Web GUI User Manual

Default: 7000 bytes

TCP Auto Clamping

Automatically clamp TCP MSS according to MTU of involved interfaces, in addition to
TCPMSSMax.

Default: Enabled

TCP Zero Unused ACK

Determines whether cOS Core should set the ACK sequence number field in TCP packets to zero
if it is not used. Some operating systems reveal sequence number information this way, which
can make it easier for intruders wanting to hijack established connections.

Default: Enabled

TCP Zero Unused URG

Strips the URG pointers from all packets.

Default: Enabled

TCP Option WSOPT

Determines how cOS Core will handle window-scaling options. These are used to increase the
size of the window used by TCP; that is to say, the amount of information that can be sent before
the sender expects ACK. They are also used by OS Fingerprinting. WSOPT is a common
occurrence in modern networks.

Default: ValidateLogBad

TCP Option SACK

Determines how cOS Core will handle selective acknowledgement options. These options are
used to ACK individual packets instead of entire series, which can increase the performance of
connections experiencing extensive packet loss. They are also used by OS Fingerprinting. SACK is
a common occurrence in modern networks.

Default: ValidateLogBad

TCP Option TSOPT

Determines how cOS Core will handle time stamp options. As stipulated by the PAWS (Protect
Against Wrapped Sequence numbers) method, TSOPT is used to prevent the sequence numbers
(a 32-bit figure) from "exceeding" their upper limit without the recipient being aware of it.

This is not normally a problem. Using TSOPT, some TCP stacks optimize their connection by
measuring the time it takes for a packet to travel to and from its destination. This information can
then be used to generate resends faster than is usually the case. It is also used by OS
Fingerprinting. TSOPT is a common occurrence in modern networks.

Default: ValidateLogBad

Chapter 12: Advanced Settings

725