From owner-freebsd-bugs Fri Sep 11 08:10:06 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA11828 for freebsd-bugs-outgoing; Fri, 11 Sep 1998 08:10:06 -0700 (PDT) (envelope-from owner-freebsd-bugs@FreeBSD.ORG) Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA11776 for ; Fri, 11 Sep 1998 08:10:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.8.8/8.8.5) id IAA01535; Fri, 11 Sep 1998 08:10:00 -0700 (PDT) Date: Fri, 11 Sep 1998 08:10:00 -0700 (PDT) Message-Id: <199809111510.IAA01535@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.ORG From: Garrett Wollman Subject: kern/7892: [PATCH] tcp_input does insufficient RST validation, also more general LAND attacks are possible Reply-To: Garrett Wollman Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR kern/7892; it has been noted by GNATS. From: Garrett Wollman To: gdonl@tsc.tdk.com Cc: FreeBSD-gnats-submit@FreeBSD.ORG Subject: kern/7892: [PATCH] tcp_input does insufficient RST validation, also more general LAND attacks are possible Date: Fri, 11 Sep 1998 11:02:00 -0400 (EDT) < said: > The following patch tightens up the RST validation. It also breaks the > loop in the general form of the "LAND" attack which would cause the sockets > to keep sending ACKs to each other, and it sends a RST to clean things up > in the case where we know something is amiss. Great job, Don. I'll commit this today if nobody beats me to it. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message