From owner-freebsd-net  Sat Nov  2 23:20:20 2002
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8290537B401
	for <net@freebsd.org>; Sat,  2 Nov 2002 23:20:19 -0800 (PST)
Received: from InterJet.elischer.org (12-232-206-8.client.attbi.com [12.232.206.8])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EEFD643E97
	for <net@freebsd.org>; Sat,  2 Nov 2002 23:20:18 -0800 (PST)
	(envelope-from julian@elischer.org)
Received: from localhost (localhost.elischer.org [127.0.0.1])
	by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id XAA55315;
	Sat, 2 Nov 2002 23:15:44 -0800 (PST)
Date: Sat, 2 Nov 2002 23:15:43 -0800 (PST)
From: Julian Elischer <julian@elischer.org>
To: Pawel Tyll <ofca@ofca.pl>
Cc: brian@awfulhak.org, net@freebsd.org
Subject: Re: PPPoEd Bug.
In-Reply-To: <Pine.LNX.4.44.0211030217170.27234-100000@terror.org.pl>
Message-ID: <Pine.BSF.4.21.0211022311060.55233-100000@InterJet.elischer.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org



On Sun, 3 Nov 2002, Pawel Tyll wrote:

> Hi Brian,
> 
> Today, after few hours of fighting with FreeBSD, I found one nasty bug in
> your PPPoEd implementation. It all started with accidental patching of
> RASPPPoE windows PPPoE client (http://user.cs.tu-berlin.de/~normanb/).
> 
> There is a patch for RASPPPoE, which allows it to connect to non-RFC
> compliant PPPoE servers, like 3Com modems. PPPoEd supports such clients,
> however - after processing request from such client, it doesn't talk to
> normal RFC-compliant clients anymore :(

The code for doing non complient pppoe was written to be used as a
client. I'm amazed it works as a server too.. (and I wrote it).

Am I right in understanding that you accidentally had a non-compliant
client, and therefore discoverd that FreeBSD as a server could cope with
that, but that once it did, it couldn't go back?

> - it looks like a quite nice DoS
> attack possibility for me, ISP, lots of RFC-compliant users, and one
> kiddie with patched RASPPPoE...Patched clients can connect without
> problems, PPPoE receives requests from normal clients, however it
> (probably - didn't check it) answers them with modified ether-type,
> which makes it impossible for them to 'hear' the answer. Hope you can
> come up with a fix soon :)
> 

I'll have a look.

> Best regards,
> 
> Pawel 'ofca' Tyll.
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message