From owner-freebsd-security  Mon Sep 21 15:07:47 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id PAA21509
          for freebsd-security-outgoing; Mon, 21 Sep 1998 15:07:47 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.224.24])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA21291
          for <freebsd-security@FreeBSD.ORG>; Mon, 21 Sep 1998 15:07:05 -0700 (PDT)
          (envelope-from avalon@coombs.anu.edu.au)
Message-Id: <199809212207.PAA21291@hub.freebsd.org>
Received: by cheops.anu.edu.au
	(1.37.109.16/16.2) id AA190465540; Tue, 22 Sep 1998 08:05:41 +1000
From: Darren Reed <avalon@coombs.anu.edu.au>
Subject: Re: Are we vulnerable to "stealth" port scans?
To: ark@eltex.ru
Date: Tue, 22 Sep 1998 08:05:40 +1000 (EST)
Cc: jkb@best.com, freebsd-security@FreeBSD.ORG, john@paranoid.eltex.spb.ru,
        john@unt.edu
In-Reply-To: <199809211427.SAA01013@paranoid.eltex.spb.ru> from "ark@eltex.ru" at Sep 21, 98 06:27:21 pm
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In some mail from ark@eltex.ru, sie said:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> nuqneH,
> 
> (darren's patch skipped)
> seems to have no effect for "FIN" scans like nmap.c does.

err, there are/were two patches to apply but if tcp_input() has changed
much on FreeBSD, then the second may be incorrect.  they were tested on
NetSBD-1.3G and produced the desired results.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message