Date: Thu, 20 Nov 1997 17:14:08 -0500 (EST)
From: Robert Watson <robert@cyrus.watson.org>
To: Jim Shankland <jas@flyingfox.com>
Cc: security@freebsd.org
Subject: Re: new TCP/IP bug in win95 (fwd)
Message-ID: <Pine.BSF.3.96.971120171244.6898a-100000@cyrus.watson.org>
In-Reply-To: <199711202208.OAA29410@biggusdiskus.flyingfox.com>

On Thu, 20 Nov 1997, Jim Shankland wrote:

> Interesting.  So the TCP stack gets into a lively conversation with
> itself, since the source-address and port are the same as the
> destination address and port.
>
> The obvious fix would appear to be to drop such packets in tcp_input.c
> when the TCP state is TCPS_LISTEN.

As a temporary non-hacking fix, I had planned on just using ipfw to filter
out packets from myself. Presumably the ipfw processing occurs before the
listen-ness of the arrangement is noticed :).

Maybe, if we haven't already (have not checked), it should be a standard
firewall rule that one drop packets from oneself that come from other
people. Not sure how one would implement that, though, without netstat
-ni'ing or using ifconfig or such, which is kind of a hack.

  Robert N Watson

Junior, Logic+Computation, Carnegie Mellon University  http://www.cmu.edu/
Network Administrator, SafePort Network Services  http://www.safeport.com/
robert@fledge.watson.org  rwatson@safeport.com  http://www.watson.org/~robert/
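
Added example, not part of the original message and not FreeBSD's code: a C version of the two checks discussed in this exchange, the same-endpoint test on a listening port from the quoted text and the "own address arriving from outside" rule from the reply. The function names, verdict values, the caller-supplied list of local addresses and the sample address 192.0.2.1 are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum verdict { PASS, DROP_MALFORMED, DROP_SELF_ADDRESSED, DROP_SPOOFED_LOCAL };
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }

/* pkt: raw IPv4 packet. local[]: this host's own addresses (assumed supplied
 * by the caller). dst_listening: destination port is in the LISTEN state. */
enum verdict check_inbound(const uint8_t *pkt, size_t len, const uint32_t *local,
                           size_t nlocal, int from_loopback, int dst_listening)
{
    if (len < 20 || (pkt[0] >> 4) != 4) return DROP_MALFORMED;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;       /* IP header length in bytes */
    if (ihl < 20 || len < ihl) return DROP_MALFORMED;
    uint32_t src = rd32(pkt + 12), dst = rd32(pkt + 16);
    if (pkt[9] == 6) {                              /* protocol 6 = TCP */
        if (len < ihl + 20) return DROP_MALFORMED;
        /* Quoted fix: source endpoint equals destination endpoint on a listener. */
        if (dst_listening && src == dst && rd16(pkt + ihl) == rd16(pkt + ihl + 2))
            return DROP_SELF_ADDRESSED;
    }
    /* Rule from the reply: our own address as source, arriving from outside. */
    for (size_t i = 0; !from_loopback && i < nlocal; i++)
        if (src == local[i]) return DROP_SPOOFED_LOCAL;
    return PASS;
}

/* Fill b with a constructed 40-byte IPv4+TCP SYN header pair (in memory only). */
size_t make_tcp(uint8_t *b, uint32_t src, uint16_t sp, uint32_t dst, uint16_t dp)
{
    memset(b, 0, 40);
    b[0] = 0x45; b[3] = 40; b[8] = 64; b[9] = 6;    /* v4, IHL 5, len, TTL, TCP */
    for (int i = 0; i < 4; i++) {
        b[12 + i] = (uint8_t)(src >> (24 - 8 * i));
        b[16 + i] = (uint8_t)(dst >> (24 - 8 * i));
    }
    b[20] = (uint8_t)(sp >> 8); b[21] = (uint8_t)sp;
    b[22] = (uint8_t)(dp >> 8); b[23] = (uint8_t)dp;
    b[32] = 0x50; b[33] = 0x02;                     /* data offset 5, SYN flag */
    return 40;
}

int main(void) {
    uint8_t b[40]; uint32_t me[] = { 0xC0000201u }; /* 192.0.2.1 (constructed) */
    printf("%d\n", check_inbound(b, make_tcp(b, me[0], 80, me[0], 80), me, 1, 0, 1));
    return 0;
}
```

The second rule needs the host's current address list, which is the part the reply describes as awkward to obtain without consulting ifconfig or netstat.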