CK’s that contain no data are not reliably transmitted by TCP. If zero window probing is not supported, a connection may hang forever when an ACK segment that re-opens the window is lost. This type of attack has been realized since 2006. This means that an application or firewall must selectively abort TCP connections that appear malicious by staying in the persist state and consume large amounts of resources.

Make sure a firewall rule isn’t blocking NFS. If NFS is running on the server and clients _can_ mount, but it’s just really slow, then things get a little hairly. You can’t just look for a problem on a client or a fix a misconfigured server. You’ll have to look at the whole ball of wax… If MTU mismatch doesn’t seem to be a problem, try going the other way and increasing the MTU size. Use the traceroute command to look for unexpected routing hops or delays.

dd and netcat on one end, netcat and dd on the other. so simple, it’s like magic.

I like the description of spending a friday night spent geeking out. It makes me miss my old viewsonic 21″ CRT that I got for ninety-nine bucks from a busted dot com venture capital business back in the 90’s.