From owner-freebsd-security Mon Jun 26 15:23:11 2000 Delivered-To: freebsd-security@freebsd.org Received: from molybdenum.systems.cais.net (molybdenum.systems.cais.net [205.177.9.248]) by hub.freebsd.org (Postfix) with ESMTP id 9334637BCB0 for ; Mon, 26 Jun 2000 15:23:06 -0700 (PDT) (envelope-from herb@cais.net) Received: from localhost (localhost [127.0.0.1]) by molybdenum.systems.cais.net (8.9.3/8.9.3) with ESMTP id SAA27076 for ; Mon, 26 Jun 2000 18:41:47 -0400 (EDT) Date: Mon, 26 Jun 2000 18:41:47 -0400 (EDT) From: "Herbert J. McNew" X-Sender: herb@molybdenum.systems.cais.net To: freebsd-security@freebsd.org Subject: RE: FreeBSD Security Advisory: FreeBSD-SA-00:23.ip-options In-Reply-To: <712384017032D411AD7B0001023D799B07C8D7@SN1EXCHMBX> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org TWIMC, An easy way around this DoS (if you don't need ip options o your network) is the following ipf rule. This will only work with ipf, thought I'm sure someone out there can translate it into ipfw... block in quick from any to any with ipopts enjoy. _____________________ Herb McNew Systems Administrator CAIS Internet (703) 247-6270 herb@cais.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message