From owner-freebsd-net@FreeBSD.ORG Mon May 2 17:32:34 2005 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3F83116A4CF for ; Mon, 2 May 2005 17:32:34 +0000 (GMT) Received: from pop04.mail.atl.earthlink.net (pop04.mail.atl.earthlink.net [207.69.200.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id D50A043D5F for ; Mon, 2 May 2005 17:32:33 +0000 (GMT) (envelope-from gandalf@digital.net) Received: from wamui01.slb.atl.earthlink.net ([192.168.167.39]) by pop04.mail.atl.earthlink.net with esmtp (Exim 3.36 #10) id 1DSemW-0006TI-00; Mon, 02 May 2005 13:32:32 -0400 Message-ID: <11765553.1115055152501.JavaMail.root@wamui01.slb.atl.earthlink.net> Date: Mon, 2 May 2005 12:32:32 -0500 (GMT-05:00) From: gandalf@digital.net To: c0ldbyte Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Earthlink Zoo Mail 1.0 cc: freebsd-net@freebsd.org Subject: Re: FreeBSD and the Rose Attack / NewDawn X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: gandalf@digital.net List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 May 2005 17:32:34 -0000 Greetings and Salutations: From: c0ldbyte > On Mon, 2 May 2005 gandalf@digital.net wrote: >> I *just* got my FreeBSD setup stable and working with a KDE >> GUI. :-). I know, easy for you guys but this is the first time I >> have set up FreeBSD with automatic updates. I settled on >> FreeBSD 5.4 after many tries. > Works nicely if you have access to root on a local machine for lan use Exactly. Works in Windows also if you work hard enough. > and the machines have been compiled with bpf support. Other then that Berkeley Packet Filter is (of course) enabled by default in the GENERIC kernel config with the comment that you need bpf for DHCP. > my testing on these cases over the net "internet" have not yielded any > proposed results to effect FreeBSD machines. Tried on 4.x & 5.x. > Any other proof that this yields anything that we need to worry about?. I haven't really tried extensive testing "over the internet" and I guess that would be my question. Unless you have some kind of filter between you an the target machine then I assume that the DOS would work as well across "The Internet" as it would locally. Routers should pass fragmented packets same as any other kind of traffic. What am I missing? I am thinking of the case where someone has a FreeBSD machine set up as their "corporate" firewall. Ken ------------------------------------------------------------------ Do not meddle in the affairs of wizards for they are subtle and quick to anger. Ken Hollis - Gandalf The White - gandalf@digital.net - O- TINLC WWW Page - http://gandalf.home.digital.net/ Trace E-Mail forgery - http://gandalf.home.digital.net/spamfaq.html Trolls crossposts - http://gandalf.home.digital.net/trollfaq.html