OT: tos bits - current usage

• Previous message (by thread): What's the best way to wiretap a network?
• Next message (by thread): Third-Level Domains Not Patented
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Can anyone point me to any resources describing the current usage of the
  tos precedence bits.

Specifically what happens in practice, not what is suppose to happen (I
can find the RFC's and IETF documents okay).

Prompted by noting that a lot of spambots set the lowest precedence bit
(tos 0x20 in tcpdump), I assume this is just a reflection of what
operating system is in use/has been compromised?

Internet search engines seem to think the whole point of the tos bits is
to allow you to more accurately fingerprint remote operating systems, at
least that is what the naive searcher might conclude.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 218 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20040118/00a61f09/attachment.sig>

• Previous message (by thread): What's the best way to wiretap a network?
• Next message (by thread): Third-Level Domains Not Patented
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]