From owner-freebsd-security Tue Jul 24 12:24:35 2001
In-Reply-To: <200107231559.f6NFxng17095@earth.backplane.com>
References: <200107231012.f6NACgg60192@hak.lan.Awfulhak.org> <200107231559.f6NFxng17095@earth.backplane.com>
Date: Tue, 24 Jul 2001 15:23:38 -0400
To: Matt Dillon, Brian Somers
From: Garance A Drosihn
Subject: Re: bin/22595: telnetd tricked into using arbitrary peer ip
Cc: "Jeroen Massar", "'Brian Somers'", "'Hajimu UMEMOTO'", aschneid@mail.slc.edu, ras@e-gerbil.net, roam@orbitel.bg, freebsd-security@FreeBSD.ORG, freebsd-gnats-submit@FreeBSD.ORG

At 8:59 AM -0700 7/23/01, Matt Dillon wrote:
>:
>: Ok, I agree.  I think we should bump UT_HOSTSIZE to 40 then and only
>: put unscoped addresses in the field (ie, fec0::1, not fec0::1%vr0).
>:
>: Any disagreements ?  Should this be brought up (explained) on -arch
>: now ?
>
>     Make it 56, and you've got to put the whole IP address in the
>     field, not the short form.  Logs are often processed off-host
>     and the short form wouldn't be useful.  And we have to worry
>     about X at some point.  40 isn't quite big enough.

If we are going to go thru the pain of changing it at all, then
we should change it to be big enough to be worthwhile.  56 sounds
like a good number to me, or perhaps even a little bit larger.
Just a LITTLE bit larger though -- the 256 of openbsd sounds like
overkill, IMO.

I do think it's time to bring this up on -arch.  I will do that.

-- 
Garance Alistair Drosehn            =   gad@eclipse.acs.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu
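
The field-size question in this message, as an added C example (not code from the thread or from FreeBSD): it drops the scope suffix, expands the address, and refuses to store anything that would be truncated by the field. The function name and the HOSTSIZE_* macros are made up for illustration, and reading "whole IP address" as the uncompressed form is an assumption.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Field sizes proposed in the thread; macro names are made up here. */
#define HOSTSIZE_40 40
#define HOSTSIZE_56 56

/*
 * Store the unscoped, fully expanded form of an IPv6 address in a
 * fixed-size host field.  Returns the text length, or -1 if the input
 * is not an IPv6 address or the text plus its NUL does not fit.  On
 * failure the field is left empty, never holding a truncated address.
 */
int
full_unscoped_addr(const char *in, char *field, size_t fieldsz)
{
	char tmp[INET6_ADDRSTRLEN + 32], *p = tmp;
	struct in6_addr a;
	size_t n = strcspn(in, "%");	/* length without "%ifname" scope */
	int i;

	if (fieldsz == 0)
		return (-1);
	field[0] = '\0';
	if (n >= sizeof(tmp))
		return (-1);
	memcpy(tmp, in, n);
	tmp[n] = '\0';
	if (inet_pton(AF_INET6, tmp, &a) != 1)
		return (-1);
	/* Eight groups of four hex digits and seven colons: 39 characters. */
	for (i = 0; i < 16; i += 2)
		p += sprintf(p, "%s%02x%02x", i ? ":" : "",
		    a.s6_addr[i], a.s6_addr[i + 1]);
	if ((size_t)(p - tmp) >= fieldsz)
		return (-1);
	memcpy(field, tmp, (size_t)(p - tmp) + 1);
	return ((int)(p - tmp));
}

int
main(void)
{
	char f40[HOSTSIZE_40], f56[HOSTSIZE_56];	/* inputs are constructed samples */

	printf("%d %s\n", full_unscoped_addr("fec0::1%vr0", f40, sizeof(f40)), f40);
	printf("%d %s\n", full_unscoped_addr("fec0::1", f56, sizeof(f56)), f56);
	return (0);
}
```

An expanded, unscoped address needs exactly 40 bytes with its terminator, so it fills a 40-byte field with no room for anything else.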