From owner-freebsd-hackers  Thu Sep  3 12:05:33 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id MAA01006
          for freebsd-hackers-outgoing; Thu, 3 Sep 1998 12:05:33 -0700 (PDT)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from dt053nb4.san.rr.com (dt053nb4.san.rr.com [204.210.34.180])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA01000
          for <freebsd-hackers@freebsd.org>; Thu, 3 Sep 1998 12:05:31 -0700 (PDT)
          (envelope-from Studded@dal.net)
Received: from dal.net (Studded@localhost [127.0.0.1])
	by dt053nb4.san.rr.com (8.8.8/8.8.8) with ESMTP id MAA03195
	for <freebsd-hackers@freebsd.org>; Thu, 3 Sep 1998 12:04:25 -0700 (PDT)
	(envelope-from Studded@dal.net)
Message-ID: <35EEE839.D3169E59@dal.net>
Date: Thu, 03 Sep 1998 12:04:25 -0700
From: Studded <Studded@dal.net>
Organization: Triborough Bridge & Tunnel Authority
X-Mailer: Mozilla 4.06 [en] (X11; I; FreeBSD 2.2.7-STABLE-0827 i386)
MIME-Version: 1.0
To: freebsd-hackers@FreeBSD.ORG
Subject: Response to RST validation problem?
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

As I'm sure everyone is aware, there was a post on bugtraq Sunday
regarding a vulnerability in our TCP code which leaves the system open
to attack via RST packets. In the past the project has always responded
within a few days to such problems, either with a fix or a progress
report on a fix. I have not seen such a response, therefore I'm asking
what progress is being made on this problem.

	This bug is being used against some of our servers, although it's far
from our biggest problem. Basically I'd like to be able to tell the 20
or so sysadmins on our network that use FreeBSD, "Please plan to upgrade
your kernel sometime in the next N days," where N is a reasonable
approximation of when a patch will be ready. 

	According to Darren Reed the appropriate fix is already available in
NetBSD's code, so that might be a good place to start looking. :)

Thanks in advance,

Doug
-- 
***           Chief Operations Officer, DALnet IRC network          ***

At Barry (a small town in south Wales) hidden cameras have had to be
installed to keep watch on the town's CCTV [Closed Circuit Television]
to record acts of vandalism against the CCTV. - Privacy Forum

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message