Date: Sat, 24 Apr 2004 01:22:04 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: Don Lewis <truckman@FreeBSD.org> Cc: freebsd-security@FreeBSD.org Subject: Re: Proposed RST patch Message-ID: <20040424011603.F1915@odysseus.silby.com> In-Reply-To: <200404240500.i3O5057E053032@gw.catspoiler.org> References: <200404240500.i3O5057E053032@gw.catspoiler.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 23 Apr 2004, Don Lewis wrote:
> > + if (tp->last_ack_sent != th->th_seq) {
>
> I'd reverse the operand order here to match the operand order of the
> enclosing "if" block. Other than that tiny nit, this looks fine.
Ok, I can do that. I also plan to update the comments above.
> What is our status with regards to the spoofed SYN version of the
> attack?
I haven't checked yet. I just finished up modifying the exploit so that
it uses icmp unreachables rather than TCP RSTs. In addition to being a
good less in libnet, it helped prove that FreeBSD is already good wrt
unreach packets (due to work by jlemon and jayanth, IIRC), although I did
not test any other operating systems... (Perhaps the draft should have
mentioned icmp unreach packets given that they may be handled similarly to
RSTs.)
SYNs are next on the list.
Mike "Silby" Silbersack
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040424011603.F1915>