Date:      Thu, 17 Oct 2002 12:35:12 -0700 (PDT)
From:      Mike Hoskins <mike@adept.org>
To:        David Schultz <dschultz@uclink.Berkeley.EDU>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: CERT VU#539363
Message-ID:  <20021017122854.G6449-100000@fubar.adept.org>
In-Reply-To: <20021017115233.GA10789@HAL9000.homeunix.com>

On Thu, 17 Oct 2002, David Schultz wrote:
> I just read the latter advisory you referred to.  It appears to be
> based on the paper by Stephen Gill that it cites, and the author
> of the advisory doesn't seem to realize that the described
> vulnerabilities aren't new or recently discovered.

Yes, they've existed as long as state tables have.

> variants.  That said, I still find the problem of intelligently
> managing firewall state very interesting.

That was my primary reason for bringing this to -security.  (The second
being to see if we had a readied response.)  I knew the issues discussed
were nothing new, as I think anyone running stateful firewalls has known
for quite some time...  I just wanted to see official opinion about our
implementation.

> [1]  Paxson, V.  Bro: A System for Detecting Network Intruders in
>      Real-Time.  Berkeley, 1999.  ftp://ftp.ee.lbl.gov/papers/bro-CN99.ps.gz

Ahh, the alma mater.  Touche, I'm reading it now.  ;)

