From owner-freebsd-current@FreeBSD.ORG Fri Feb 11 20:31:23 2005 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7FBF216A4CE for ; Fri, 11 Feb 2005 20:31:23 +0000 (GMT) Received: from mail.crypta.net (mail.crypta.net [83.136.131.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id CF93443D45 for ; Fri, 11 Feb 2005 20:31:22 +0000 (GMT) (envelope-from ah@crypta.net) Received: by mail.crypta.net ([crypta.net] mailer, from userid 1001) id 0E097ECD406; Fri, 11 Feb 2005 21:31:20 +0100 (CET) Date: Fri, 11 Feb 2005 21:31:19 +0100 From: Andy Hilker To: "Li, Qing" , freebsd-current@freebsd.org Message-ID: <20050211203119.GA76141@mail.crypta.net> References: <00CDF9AA240E204FA6E923BD35BC64360879060E@bcs-mail.internal.cacheflow.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <00CDF9AA240E204FA6E923BD35BC64360879060E@bcs-mail.internal.cacheflow.com> User-Agent: Mutt/1.4.2.1i X-PGP-Key: http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0xEC6E1071 X-PGP-Fingerprint: 9B2E 5892 AD93 D5C5 FB8E 3912 35D6 951B EC6E 1071 Organization: cryptobank - Andy Hilker Subject: Re: known TCP vulnerability ?? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Feb 2005 20:31:23 -0000 Hi, You (Li, Qing) wrote: > > http://www.kb.cert.org/vuls/id/464113 > > http://www.linuxsecurity.com/content/view/104980/98/ > > Ran the packet tests against FreeBSD 5.3 and 6-CURRENT and both > respond to the SYN+FIN packets with SYN+ACK. do you have "options TCP_DROP_SYNFIN" in your kernel config? bye, Andy