From owner-freebsd-security Thu Nov 20 14:07:43 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id OAA12534 for security-outgoing; Thu, 20 Nov 1997 14:07:43 -0800 (PST) (envelope-from owner-freebsd-security) Received: from biggusdiskus.flyingfox.com (biggusdiskus.flyingfox.com [206.14.52.27]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id OAA12523 for ; Thu, 20 Nov 1997 14:07:38 -0800 (PST) (envelope-from jas@flyingfox.com) Received: (from jas@localhost) by biggusdiskus.flyingfox.com (8.8.5/8.8.5) id OAA29410; Thu, 20 Nov 1997 14:08:47 -0800 (PST) Date: Thu, 20 Nov 1997 14:08:47 -0800 (PST) From: Jim Shankland Message-Id: <199711202208.OAA29410@biggusdiskus.flyingfox.com> To: robert@cyrus.watson.org Subject: Re: new TCP/IP bug in win95 (fwd) Cc: security@freebsd.org Sender: owner-freebsd-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Interesting. So the TCP stack gets into a lively conversation with itself, since the source-address and port are the same as the destination address and port. The obvious fix would appear to be to drop such packets in tcp_input.c when the TCP state is TCPS_LISTEN. Jim Shankland Flying Fox Computer Systems, Inc.