Date: Tue, 24 Jul 2001 15:23:38 -0400
From: Garance A Drosihn <drosih@rpi.edu>
To: Matt Dillon <dillon@earth.backplane.com>, Brian Somers <brian@Awfulhak.org>
Cc: "Jeroen Massar" <jeroen@unfix.org>, "'Brian Somers'" <brian@Awfulhak.org>, "'Hajimu UMEMOTO'" <ume@mahoroba.org>, aschneid@mail.slc.edu, ras@e-gerbil.net, roam@orbitel.bg, freebsd-security@FreeBSD.ORG, freebsd-gnats-submit@FreeBSD.ORG
Subject: Re: bin/22595: telnetd tricked into using arbitrary peer ip
Message-ID: <p05101012b7837a98d282@[128.113.24.47]>
In-Reply-To: <200107231559.f6NFxng17095@earth.backplane.com>
References: <200107231012.f6NACgg60192@hak.lan.Awfulhak.org> <200107231559.f6NFxng17095@earth.backplane.com>

At 8:59 AM -0700 7/23/01, Matt Dillon wrote:
>:
>: Ok, I agree.  I think we should bump UT_HOSTSIZE to 40 then and only
>: put unscoped addresses in the field (ie, fec0::1, not fec0::1%vr0).
>:
>: Any disagreements ?  Should this be brought up (explained) on -arch
>: now ?
>
>     Make it 56, and you've got to put the whole IP address in the
>     field, not the short form.  Logs are often processed off-host
>     and the short form wouldn't be useful.  And we have to worry
>     about X at some point.

40 isn't quite big enough.  If we are going to go thru the pain of
changing it at all, then we should change it to be big enough to
be worthwhile.  56 sounds like a good number to me, or perhaps even
a little bit larger.  Just a LITTLE bit larger though -- the 256 of
OpenBSD sounds like overkill, IMO.

I do think it's time to bring this up on -arch.  I will do that.

-- 
Garance Alistair Drosehn            =   gad@eclipse.acs.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu
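
The field sizes discussed in this message can be checked against the thread's own sample addresses (fec0::1 and fec0::1%vr0) with the following added example, which is not part of the original message or of FreeBSD's code. The function names, the NUL-terminated field layout and the old field size of 16 are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Expand an IPv6 literal to its full 39-character form, keeping any %scope. */
static int full_form(const char *text, char out[64])
{
    char addr[INET6_ADDRSTRLEN];
    struct in6_addr a;
    const char *scope = strchr(text, '%');
    size_t n = scope ? (size_t)(scope - text) : strlen(text);
    if (n >= sizeof(addr))
        return -1;
    memcpy(addr, text, n);
    addr[n] = '\0';
    if (inet_pton(AF_INET6, addr, &a) != 1)
        return -1;
    for (int i = 0; i < 8; i++)   /* 8 groups of 4 hex digits, ':' between them */
        snprintf(out + 5 * i, 6, "%02x%02x%s",
                 a.s6_addr[2 * i], a.s6_addr[2 * i + 1], i < 7 ? ":" : "");
    snprintf(out + 39, 64 - 39, "%s", scope ? scope : "");
    return 0;
}

/* Store into a NUL-terminated field of `size` bytes (size <= 64, assumed layout).
 * Returns 1 if the whole address fits, 0 if it was cut off, -1 on bad input. */
static int store_host(const char *text, size_t size, char field[64])
{
    char full[64];
    if (size > 64 || full_form(text, full) != 0)
        return -1;
    return snprintf(field, size, "%s", full) < (int)size;
}

/* 1 if two distinct peers leave identical bytes in a field of `size` bytes. */
static int collide(const char *a, const char *b, size_t size)
{
    char fa[64], fb[64];
    int ra = store_host(a, size, fa), rb = store_host(b, size, fb);
    return (ra < 0 || rb < 0) ? -1 : strcmp(fa, fb) == 0;
}

int main(void)
{
    const size_t sz[] = { 16, 40, 56 };   /* 16 is an assumed old UT_HOSTSIZE */
    char f[64];
    for (int i = 0; i < 3; i++)
        printf("%2zu: fec0::1 fits=%d, with %%vr0 fits=%d, collision=%d\n", sz[i],
               store_host("fec0::1", sz[i], f), store_host("fec0::1%vr0", sz[i], f),
               collide("fec0::1", "fec0::2", sz[i]));
}
```

A truncated field is the case to watch for in logs: once two different peers store the same bytes, off-host processing cannot tell them apart.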