From owner-freebsd-security Tue Jun 3 05:09:17 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id FAA24628 for security-outgoing; Tue, 3 Jun 1997 05:09:17 -0700 (PDT)
Received: from homeport.org (lighthouse.homeport.org [205.136.65.198]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id FAA24623 for ; Tue, 3 Jun 1997 05:09:08 -0700 (PDT)
Received: (adam@localhost) by homeport.org (8.8.5/8.6.9) id IAA21853; Tue, 3 Jun 1997 08:04:54 -0400 (EDT)
From: Adam Shostack
Message-Id: <199706031204.IAA21853@homeport.org>
Subject: Re: TCP RST Handling in 2.2 (fwd)
In-Reply-To: <199706030523.HAA03199@zibbi.mikom.csir.co.za> from John Hay at "Jun 3, 97 07:23:20 am"
To: jhay@zibbi.mikom.csir.co.za (John Hay)
Date: Tue, 3 Jun 1997 08:04:54 -0400 (EDT)
Cc: security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL27 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

That's a bug in Trumpet, which should be fixed there. Is there an RFC which details this mod you're suggesting? I'd hate to see my OpenBSD boxes react even more negatively to FreeBSD. Arbitrary extra RST packets arriving worry me. (Right now, they refuse to talk NFS to a FreeBSD server with virtual interfaces, since the kernel doesn't send packets back with the right IP address. OpenBSD assumes that a spoof is taking place.)

Adam

PS To Darren: This is the change I was referring to, not fixing the bug you were pointing out.

John Hay wrote:
| > | Certainly. It might also be worth implementing the three-way RST
| > | handshake which has been proposed by some to fill some theoretical
| > | gaps in TCP's handling of resets which could (very rarely) result in
| > | innocent connections getting reset.
| >
| > I'd strongly recommend against implementing a non standard
| > TCP mod as anything but an option for those who want to play with it.
| > Please don't put it in the base code.
| > |
|
| But if we can get something better than we have now, I would feel a lot
| better. Last week we had the case here where tcp connections between
| machines would just die at random with a "connection reset by peer"
| message. It turned out that there was an old Windows 3.1 box with
| Trumpet Winsock v1.0b which sends Reset messages "at random" for connections
| that had nothing to do with it, except that it was on the same piece
| of ethernet coax.
|
| John
| --
| John Hay -- John.Hay@mikom.csir.co.za
| -- "It is seldom that liberty of any kind is lost all at once." -Hume
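The failure John describes (a third host on the same coax emitting resets for connections it is not party to) can be checked for passively from a capture, without changing the TCP stack. The following is an added example and is not code from this thread, from FreeBSD or from OpenBSD. It tracks each direction of a connection, applies a simplified form of the RFC 793 rule that a RST is only acceptable when its sequence number falls inside the receiver's window, and, as a monitoring heuristic of my own, flags an in-window RST whose Ethernet source address differs from the address the claimed endpoint has been using. The packet records, addresses, ports and the fixed window size are all constructed for the demo; real captures would need a proper decoder and sequence wrap-around handling.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class Packet:
    """One TCP segment as seen on the wire (constructed sample data)."""
    eth_src: str        # Ethernet source address of the frame
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    flags: str          # subset of "SAFR", e.g. "SA" for SYN-ACK
    seq: int            # TCP sequence number
    payload_len: int = 0


# One direction of a connection: (sender ip, sender port, receiver ip, receiver port)
Direction = Tuple[str, int, str, int]


@dataclass
class SenderState:
    eth_src: str        # frame address this endpoint has been sending from
    rcv_nxt: int        # next sequence number the other side expects from it


class RstMonitor:
    """Passive classifier for RST segments seen on a shared segment."""

    def __init__(self, rcv_wnd: int = 8192):
        self.rcv_wnd = rcv_wnd                  # assumed receive window (constructed)
        self.senders: Dict[Direction, SenderState] = {}
        self.alerts: List[str] = []

    def observe(self, pkt: Packet) -> str:
        key: Direction = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if "R" in pkt.flags:
            return self._classify_rst(key, pkt)
        # SYN and FIN each consume one sequence number, payload bytes the rest.
        consumed = pkt.payload_len + ("S" in pkt.flags) + ("F" in pkt.flags)
        st = self.senders.get(key)
        if st is None:
            self.senders[key] = SenderState(pkt.eth_src, pkt.seq + consumed)
        else:
            # Simplification: in-order delivery, no sequence wrap-around.
            st.rcv_nxt = pkt.seq + consumed
        return "data"

    def _classify_rst(self, key: Direction, pkt: Packet) -> str:
        st = self.senders.get(key)
        if st is None:
            verdict = "unknown-connection"      # RST for a flow never seen
        elif not (st.rcv_nxt <= pkt.seq < st.rcv_nxt + self.rcv_wnd):
            verdict = "out-of-window"           # an RFC 793 receiver ignores it
        elif pkt.eth_src != st.eth_src:
            verdict = "source-mismatch"         # in-window, but sent by another host
        else:
            verdict = "accepted"
            # Genuine reset: forget both directions of the connection.
            self.senders.pop(key, None)
            self.senders.pop((key[2], key[3], key[0], key[1]), None)
        if verdict != "accepted":
            self.alerts.append(
                f"{verdict}: RST {pkt.src_ip}:{pkt.src_port}->{pkt.dst_ip}:{pkt.dst_port} "
                f"seq={pkt.seq} from {pkt.eth_src}")
        return verdict


def run_demo() -> List[str]:
    """Replay a constructed capture: a client/server pair plus a third host
    on the same segment that emits resets for a connection it is not part of."""
    client = ("10.0.0.5", 1025)          # constructed addresses
    server = ("10.0.0.9", 2049)
    mac_client, mac_server, mac_stray = (
        "02:00:00:00:00:aa", "02:00:00:00:00:bb", "02:00:00:00:00:cc")
    mon = RstMonitor()
    capture = [
        Packet(mac_client, *client, *server, "S", 1000),
        Packet(mac_server, *server, *client, "SA", 5000),
        Packet(mac_client, *client, *server, "A", 1001),
        Packet(mac_client, *client, *server, "A", 1001, payload_len=100),
        # Third host emits a RST in the server's name with a plausible seq.
        Packet(mac_stray, *server, *client, "R", 5001),
        # Same host, wildly wrong seq: the plain RFC 793 window check rejects it.
        Packet(mac_stray, *server, *client, "R", 9_000_000),
        # RST for a connection the monitor never saw.
        Packet(mac_stray, "10.0.0.7", 40000, *client, "R", 42),
        # The real server tears the connection down.
        Packet(mac_server, *server, *client, "R", 5001),
        # State is gone after teardown, so a repeated RST is unknown.
        Packet(mac_server, *server, *client, "R", 5001),
    ]
    return [mon.observe(p) for p in capture]


if __name__ == "__main__":
    for verdict in run_demo():
        print(verdict)
```

The "out-of-window" verdict is what a standard receiver already gives; the "source-mismatch" verdict is the observation-only addition that would have pointed straight at the Trumpet box on the coax, since its frames carry its own Ethernet address while claiming the server's IP. Neither verdict changes how the host handles the segment, so it has none of the interoperability risk Adam raises about a non-standard RST handshake.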