Date:      Tue, 3 Jun 1997 08:04:54 -0400 (EDT)
From:      Adam Shostack <adam@homeport.org>
To:        jhay@zibbi.mikom.csir.co.za (John Hay)
Cc:        security@FreeBSD.ORG
Subject:   Re: TCP RST Handling in 2.2 (fwd)
Message-ID:  <199706031204.IAA21853@homeport.org>
In-Reply-To: <199706030523.HAA03199@zibbi.mikom.csir.co.za> from John Hay at "Jun 3, 97 07:23:20 am"

That's a bug in trumpet, which should be fixed there.  Is there an RFC
which details this mod you're suggesting?  I'd hate to see my OpenBSD
boxes react even more negatively to freebsd.  Arbitrary extra rst
packets arriving worry me.

(Right now, they refuse to talk NFS to a freebsd server with virtual
interfaces, since the kernel doesn't send packets back with the right
IP address.  OpenBSD assumes that a spoof is taking place.)

Adam

PS To Darren: This is the change I was referring to, not fixing the
bug you were pointing out.

John Hay wrote:

| > | Certainly.  It might also be worth implementing the three-way RST
| > | handshake which has been proposed by some to fill some theoretical
| > | gaps in TCP's handling of resets which could (very rarely) result in
| > | innocent connections getting reset.
| > 
| > 	I'd strongly recommend against implementing a non standard
| > TCP mod as anything but an option for those who want to play with it.
| > Please don't put it in the base code.
| > 
| 
| But if we can get something better than we have now, I would feel a lot
| better. Last week we had the case here where tcp connections between
| machines would just die at random with a "connection reset by peer"
| message. It turned out that there was an old Windows 3.1 box with
| Trumpet Winsock v1.0b which sent Reset messages "at random" for connections
| that had nothing to do with it, except that it was on the same piece
| of ethernet coax.
| 
| John
| -- 
| John Hay -- John.Hay@mikom.csir.co.za
| 


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




