From owner-freebsd-security Mon Sep 21 15:07:47 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA21509 for freebsd-security-outgoing; Mon, 21 Sep 1998 15:07:47 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.224.24]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA21291 for ; Mon, 21 Sep 1998 15:07:05 -0700 (PDT) (envelope-from avalon@coombs.anu.edu.au) Message-Id: <199809212207.PAA21291@hub.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA190465540; Tue, 22 Sep 1998 08:05:41 +1000 From: Darren Reed Subject: Re: Are we vulnerable to "stealth" port scans? To: ark@eltex.ru Date: Tue, 22 Sep 1998 08:05:40 +1000 (EST) Cc: jkb@best.com, freebsd-security@FreeBSD.ORG, john@paranoid.eltex.spb.ru, john@unt.edu In-Reply-To: <199809211427.SAA01013@paranoid.eltex.spb.ru> from "ark@eltex.ru" at Sep 21, 98 06:27:21 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In some mail from ark@eltex.ru, sie said: > > -----BEGIN PGP SIGNED MESSAGE----- > > nuqneH, > > (darren's patch skipped) > seems to have no effect for "FIN" scans like nmap.c does. err, there are/were two patches to apply but if tcp_input() has changed much on FreeBSD, then the second may be incorrect. they were tested on NetSBD-1.3G and produced the desired results. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message