Date: Fri, 13 Aug 2004 12:36:48 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: Steve Zweep <steve@borderware.com> Cc: freebsd-security@freebsd.org Subject: Re: ICMP attacks against TCP Message-ID: <20040813123400.G1539@odysseus.silby.com> In-Reply-To: <411CE478.3050607@borderware.com> References: <411CE478.3050607@borderware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 13 Aug 2004, Steve Zweep wrote: > Has anyone seen the recently published IETF draft regarding ICMP attacks > against TCP? > [http://www.ietf.org/internet-drafts/draft-gont-tcpm-icmp-attacks-00.txt] > > I'm interested in any comments as to the vulnerability of FreeBSD's TCP to > such attacks and the need for or usefulness of the various solutions proposed > in the paper. > > Thanks, all > > - Steve Back when the RST semi-blind attacks came out, I double-checked our ICMP code for the same condition. It turns out that this was fixed by one of our developers years and years ago. I can't recall the exact version of the change now, but I believe it occured around 4.1 or 4.2. So, it could use some quick review, but I think we're good here. Mike "Silby" Silbersack
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040813123400.G1539>