Site Navigation

Date:      Wed, 25 Feb 2015 18:21:58 +0100
From:      Remko Lodder <remko@FreeBSD.org>
To:        Karl Pielorz <kpielorz_lst@tdx.co.uk>
Cc:        freebsd-security@freebsd.org
Subject:   Re: FreeBSD Security Advisory FreeBSD-SA-15:04.igmp (fwd) - ipfw fix?
Message-ID:  <1BE461E0-D2AC-4222-8D41-B7F97E83FD74@FreeBSD.org>
In-Reply-To: <ABE6D1EBAF2F5AEB25D65407@[10.12.30.106]>
References:  <ABE6D1EBAF2F5AEB25D65407@[10.12.30.106]>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

[-- Attachment #1 --]

> On 25 Feb 2015, at 12:24, Karl Pielorz <kpielorz_lst@tdx.co.uk> wrote:
> 
> 
> Hi,
> 
> Presumably if you don't need IGMP, ipfw can be used to mitigate this on hosts until they're patched / rebooted, i.e.
> 
> ipfw add x deny igmp from any to any
> 
> ?


This suggests that you can filter the traffic:

Block incoming IGMP packets by protecting your host/networks with a firewall.
 (Quote from the SA).

Br,
Remko

> 
> Thanks,
> 
> -Karl
> 
> ---------- Forwarded Message ----------
> Date: 25 February 2015 06:29 +0000
> From: FreeBSD Security Advisories <security-advisories@freebsd.org>
> To: FreeBSD Security Advisories <security-advisories@freebsd.org>
> Subject: FreeBSD Security Advisory FreeBSD-SA-15:04.igmp
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> ===========================================================================
> == FreeBSD-SA-15:04.igmp                                       Security
> Advisory                                                           The
> FreeBSD Project
> 
> Topic:          Integer overflow in IGMP protocol
> 
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

--
/"\   Best regards,                      | remko@FreeBSD.org
\ /   Remko Lodder                       | remko@EFnet
 X    http://www.evilcoder.org/          |
/ \   ASCII Ribbon Campaign              | Against HTML Mail and News


[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJU7gS3AAoJEKjD27JZ84ywuWYQAKrK/VCC5CfTrftCoJXFF8vl
MuB8/1dP8rooI3q0mHZ218gyggUhBC8vGEjKSa9exug6ME7PIxWAqNsGnTVYFkNo
8dzrRvXoy/sEaMNcCO6+9Mn3UP8OAYY9kJBe9UaWruXjsbqAnkETkVNaBJ18mZse
GMZPKN93+E11cNBYWiAsZihCkjDTY4ixQjopt6AlcpRWVb9lkLwBsiH4XQOhe7C7
lIBuNGtq9jA0kpBU0FduxglquJCaBTY2wU1fKnOeqgVtT7sLaJ1NmELACJJzBWU8
Lh0ud8MQ8yiqLB6fLVfVLVIzX/jWTiVPvzgLs0p0UiP6I7YBPPHeOXSaQ87Kzkwj
146cT+YphCLuEnLS9MZp2xJ2pEvgw2390vyMecB0xcJhVlNhB+NB5rJxW+BJyx0Y
UsqCeu7YFkOtZDiGzcuie+SnPdDmM28S8BSOy1UHhPz3tArdQfvqF25HMno6tW0L
o6H+kLcdUeXCdMYZd7Kij2aQJRWnNt/ytsRfuzXa3nDBlMUmNSkZpJZ2DtcBJqUl
zVI8iau9F+Ibhs/hxbSjtQ4f+IhOXyn5ZXCgx02xFFw/XBiDbLOSqeY2xkoTlL0m
N5630f1d4gZ3gZtWiMfDYvnjX7SbCFO7az0LxvFOxxBqmkWf9KW2xrOwyRbrZSJ/
Li7GIzf8EsXd7ECCJ9Tm
=9xR7
-----END PGP SIGNATURE-----

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1BE461E0-D2AC-4222-8D41-B7F97E83FD74>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact