From owner-freebsd-questions Tue Nov 25 12:55:35 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id MAA27550 for questions-outgoing; Tue, 25 Nov 1997 12:55:35 -0800 (PST) (envelope-from owner-freebsd-questions) Received: from gdi.uoregon.edu (gdi.uoregon.edu [128.223.170.30]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id MAA27534 for ; Tue, 25 Nov 1997 12:55:31 -0800 (PST) (envelope-from dwhite@gdi.uoregon.edu) Received: from localhost (dwhite@localhost) by gdi.uoregon.edu (8.8.7/8.8.7) with SMTP id MAA17594; Tue, 25 Nov 1997 12:55:23 -0800 (PST) (envelope-from dwhite@gdi.uoregon.edu) Date: Tue, 25 Nov 1997 12:55:23 -0800 (PST) From: Doug White Reply-To: Doug White To: "Oliver R. Wang " cc: FreeBSD Questions Subject: Re: land attack - technical explaination? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Mon, 24 Nov 1997, Oliver R. Wang wrote: > > Hi there > > What I know about "land" attack is that it send a TCP packet with source > address, source port, destination address, destination port set as the > same. My question is can someone explain to me why this will cause system > degradation or even crash? What's fix in FreeBSD? >From my extremely layman's viewpoint on this, it tries to get the computer to connect to itself. A "quick fix hack" has been committed to -CURRENT and -STABLE. A security advisory is probably following. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major