Date: Thu, 20 Nov 1997 20:31:08 +0100 (CET) From: dev.random@dev.random.nu To: freebsd-security@freebsd.org Subject: Re: new TCP/IP bug in win95 (fwd) Message-ID: <Pine.BSF.3.96.971120203054.4554B-100000@iskh122.haninge.kth.se>
next in thread | raw e-mail | index | archive | help
> I've tried the exploit against FreeBSD 2.2.2, 2.2.5 and 3.0-current and the > results were interesting. FreeBSD 2.2.2 does not seem to be vulnerable, I had a good amount of my boxes attacked from outside sources. One of the 2.2.2 boxes did crash here as well. > > I've also tried the exploit against BSD/OS 2.1 and it also froze. There was > little difference in behaviour of FreeBSD and BSD/OS in the frozen > state. FreeBSD at least responded to ICMP echo packets and also managed to > establish TCP connections. I've tried telnet from other machine and it > reported connected to ...(buit that was all). BSD/OS was totally dead, > repsonding only to the reset switch. Hmm, the 3.0-CURRENT one is the only one I tried to ping, and it didnt seem to respond to ICMP's either. And I know in at least the cases of 2.2.2 & 2.2.5-STABLE, they responded to nothing but a reset button either. > > The problem is in my opinion not that critical because every decent network > should have IP spoofs filtered on the external router, so packets with > identical source and destination should not reach any inside machine (even > not the TCP layer on the external router). > This presents a bit of a problem with ISP's not having a router between their customers PPP connections and themselves. As anyone could have a Linux box sitting on their PPP connection and nail away. _</dev/random>________________________________________________________________ thomas stromberg % sysadmin(royal.institute.of.technology@haninge/stockholm) smtp(dev.random@dev.random.nu)%irc(devrandom)%talkd(random@dev.random.nu)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971120203054.4554B-100000>