Site Navigation

Date:      Thu, 23 Jul 2015 12:30:33 -0700
From:      Xin Li <delphij@delphij.net>
To:        gabor@zahemszky.hu, freebsd-security@freebsd.org
Subject:   Re: FreeBSD Security Advisory FreeBSD-SA-15:13.tcp
Message-ID:  <55B140D9.5080507@delphij.net>
In-Reply-To: <9acb8bbfb059c3e8d08ba20a41441714@zahemszky.hu>
References:  <20150722025746.721831C32@freefall.freebsd.org> <9acb8bbfb059c3e8d08ba20a41441714@zahemszky.hu>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 07/21/15 23:52, gabor@zahemszky.hu wrote:
>> IV.  Workaround
>> 
>> No workaround is available, but systems that do not provide TCP
>> based service to untrusted networks are not vulnerable.
>> 
>> Note that the tcpdrop(8) utility can be used to purge connections
>> which have become wedged.  For example, the following command can
>> be used to generate commands that would drop all connections
>> whose last rcvtime is more than 100s:
>> 
>> netstat -nxp tcp | \ awk '{ if (int($NF) > 100) print "tcpdrop "
>> $4 " " $5 }'
>> 
>> The system administrator can then run the generated script as a
>> temporary measure.  Please refer to the tcpdump(8) manual page
>> for additional information.
> 
> It should be tcpdrop(8), isn't it?

Yes it should be tcpdrop(8).

Cheers,
- -- 
Xin LI <delphij@delphij.net>    https://www.delphij.net/
FreeBSD - The Power to Serve!           Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.6 (FreeBSD)

iQIcBAEBCgAGBQJVsUDZAAoJEJW2GBstM+nsvZ0P/22S7IgSHZg27gNEo1hVuSN/
GuiEoCShz2VU2c2Wk/vAo3kNvXoWsmz30fKGL5Cu8hi24w8JsHdOwzdB3JI98uu+
srw+8mjxeaumw8/P/w+D2D0w0qh2v4252KhUK9zDvkRAoWsaijgDXh2EEJoaxHCe
zo7OVHfL37PG2zSAmY/whMOcQ07Tjv0SepgctKe8rt5YH66Bh2c7zkiJ0Z2wbfmC
B/OvgPhiWqK522cJnTQ/FLjZNCOJ+G6jg0Z5nVBOI7L1uN5z7CyOtZ5MNLMx4fza
IlaWmbAexIH/q8n37Y2pVfQvT6WyWXhSxv1reyDC2xYixzxFlFUIFQIen5jd7tVN
xmYHR9SRaMPVHk5SY7OYfJUlsum4zgwiHjJv9N76tjUMPkmCBEr1fTxerU2mJ2G6
OLqvnK/VVLgebYsBj3NoTrgcKH8L4oz+W/IsPu5SF/shv7hxqAniXp3NX895j97n
BzW9r75yT+Iy61VloOq/ZD9QNA379d6+kGHq96lg/qmsG7WImpxum+HtMSjtuBjJ
ZP2EK4YZ1usKxjCLt6XIzH2ao1QJ8/64WmAi7tebn4O9rmBwV16wCpxEssEYU1HI
l+c9CSlJfoTVkN35ka79x9BgnwpVzAy9iAscDj/yWv2iNrhjUMO6ffA6Q2CGEqxQ
MT4h6biU/KXH4Reh1n8F
=ZIpa
-----END PGP SIGNATURE-----

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55B140D9.5080507>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact