Date: Tue, 16 Sep 2014 15:34:25 +0200 From: n j <nino80@gmail.com> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:19.tcp Message-ID: <CALf6cgY7M6cQ%2BODRGhnupz%2BNmM8H5f2CDPpFaiJT4kcQqTE2uw@mail.gmail.com> In-Reply-To: <201409161014.s8GAE77Z070671@freefall.freebsd.org> References: <201409161014.s8GAE77Z070671@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On Tue, Sep 16, 2014 at 12:14 PM, FreeBSD Security Advisories < security-advisories@freebsd.org> wrote: > IV. Workaround > > It is possible to defend against these attacks with stateful traffic > inspection using a firewall. This can be done by enabling pf(4) on > the system and creating states for every connection. Even a default > ruleset to allow all traffic would be sufficient to mitigate this > issue. > Any chance of getting more information in Workaround section? Is the workaround applicable only to pf or IPFW also helps? Perhaps an example rule? > VII. References > > <URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0230>; > 2004? Wow, that's an old one. Thanks, -- Nino
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CALf6cgY7M6cQ%2BODRGhnupz%2BNmM8H5f2CDPpFaiJT4kcQqTE2uw>