Date: Tue, 3 Jun 1997 17:11:24 +1000 (EST) From: Darren Reed <darrenr@cyber.com.au> To: adam@homeport.org (Adam Shostack) Cc: wollman@khavrinen.lcs.mit.edu, darrenr@cyber.com.au, security@FreeBSD.ORG Subject: Re: TCP RST Handling in 2.2 (fwd) Message-ID: <199706030711.RAA01953@plum.cyber.com.au> In-Reply-To: <199706030324.XAA20211@homeport.org> from "Adam Shostack" at Jun 2, 97 11:24:15 pm
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail I received from Adam Shostack, sie wrote > Garrett Wollman wrote: > | <<On Tue, 3 Jun 1997 08:38:23 +1000 (EST), Darren Reed <darrenr@cyber.com.au> said: > | > | > Currently, not even the SEQ number is verified (for an RST packet) - i.e. > | > that the ACK does acknowledge the SYN. > | > | > I think there is room for improvement in the code. Comments ? > | > | Certainly. It might also be worth implementing the three-way RST > | handshake which has been proposed by some to fill some theoretical > | gaps in TCP's handling of resets which could (very rarely) result in > | innocent connections getting reset. > > I'd strongly recommend against implementing a non standard > TCP mod as anything but an option for those who want to play with it. > Please don't put it in the base code. Ahem. This isn't a "play" thing. It's a bug which needs fixing. Darren
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706030711.RAA01953>