Date: Mon, 27 Nov 2000 00:48:49 -0500 (EST) From: PEEETER <pjp@november.jaded.net> To: FreeBSD-gnats-submit@freebsd.org Subject: kern/23123: Turn off IP Options in IPSTEALTH mode Message-ID: <200011270548.AAA95572@november.jaded.net>
next in thread | raw e-mail | index | archive | help
>Number: 23123
>Category: kern
>Synopsis: IP options reveal IPstealth mode. Just turn them off.
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Nov 26 21:50:00 PST 2000
>Closed-Date:
>Last-Modified:
>Originator: PEEETER
>Release: FreeBSD 3.5-RELEASE i386
>Organization:
Daemonium & Group of Nine
>Environment:
patch untested for 5.0-current.
>Description:
Most IP options allow a hop to be recorded. This defies IPSTEALTH
mode which purpose it seems to hide from someone traceing. In
simple form ping -R in the vicinity of 10 hops will find a
IPSTEALTH'ed router. All other options also apply where a neat one
would be a brute force searching of IP in the timestamp pre-specified
ip option. My attached fix will just avoid processing IP options.
I have not tested this at all but theoretically it should do what
I don't want it to do (ermm ;)
>How-To-Repeat:
ping -R host #reveals IPSTEALTH'ed router in route path.
>Fix:
Index: ip_input.c
===================================================================
RCS file: /usr/local/freebsd_repo/src/sys/netinet/ip_input.c,v
retrieving revision 1.149
diff -u -r1.149 ip_input.c
--- ip_input.c 2000/11/25 07:35:33 1.149
+++ ip_input.c 2000/11/27 05:37:52
@@ -457,6 +457,12 @@
* to be sent and the original packet to be freed).
*/
ip_nhops = 0; /* for source routed packets */
+
+#ifdef IPSTEALTH
+ /* IP Options reveal us so we don't process them in stealth mode */
+
+ if (! ipstealth)
+#endif
if (hlen > sizeof (struct ip) && ip_dooptions(m)) {
#ifdef IPFIREWALL_FORWARD
ip_fw_fwd_addr = NULL;
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200011270548.AAA95572>