From owner-freebsd-security  Thu Sep 17 04:34:54 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id EAA22223
          for freebsd-security-outgoing; Thu, 17 Sep 1998 04:34:54 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.224.24])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA22203
          for <freebsd-security@FreeBSD.ORG>; Thu, 17 Sep 1998 04:34:46 -0700 (PDT)
          (envelope-from avalon@coombs.anu.edu.au)
Message-Id: <199809171134.EAA22203@hub.freebsd.org>
Received: by cheops.anu.edu.au
	(1.37.109.16/16.2) id AA181931634; Thu, 17 Sep 1998 21:27:14 +1000
From: Darren Reed <avalon@coombs.anu.edu.au>
Subject: Re: Are we vulnerable to "stealth" port scans?
To: phk@critter.freebsd.dk (Poul-Henning Kamp)
Date: Thu, 17 Sep 1998 21:27:13 +1000 (EST)
Cc: jkb@best.com, john@unt.edu, freebsd-security@FreeBSD.ORG
In-Reply-To: <8631.906017885@critter.freebsd.dk> from "Poul-Henning Kamp" at Sep 17, 98 09:38:05 am
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In some mail from Poul-Henning Kamp, sie said:
> 
> 
> patches ?

hmmm, see if you can track down the code which makes the replies
sent back different - i.e. all RST's go back with fields filled in
by what was received.  THe problem is leakage of internal information
DEPENDING (<- which is what makes it possible) on what state (if any)
the socket which matches the packet used to scan with.

darren

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message