From owner-freebsd-stable Thu Jan 20 19: 7:51 2000 Delivered-To: freebsd-stable@freebsd.org Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2]) by hub.freebsd.org (Postfix) with ESMTP id 4993714CCE; Thu, 20 Jan 2000 19:07:46 -0800 (PST) (envelope-from brett@lariat.org) Received: from workhorse (IDENT:ppp0.lariat.org@lariat.lariat.org [206.100.185.2]) by lariat.lariat.org (8.9.3/8.9.3) with ESMTP id UAA13131; Thu, 20 Jan 2000 20:01:55 -0700 (MST) Message-Id: <4.2.2.20000120194320.019e0220@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 Date: Thu, 20 Jan 2000 19:51:17 -0700 To: Darren Reed , avalon@coombs.anu.edu.au (Darren Reed) From: Brett Glass Subject: Re: bugtraq posts: stream.c - new FreeBSD exploit? Cc: avalon@coombs.anu.edu.au (Darren Reed), imp@village.org (Warner Losh), jamiE@arpa.com (jamiE rishaw - master e*tard), tom@uniserve.com (Tom), mike@sentex.net (Mike Tancsa), freebsd-security@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG In-Reply-To: <200001210148.MAA29656@cairo.anu.edu.au> References: <200001210103.MAA20844@cairo.anu.edu.au> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG At 06:48 PM 1/20/2000 , Darren Reed wrote: >If you are using ipnat and have ipfilter installed, the work around is >as follows: > >pass in all >block in proto tcp all head 100 >pass in proto tcp from any to any flags S keep state group 100 Fantastic! Forwarded to Bugtraq. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message