From owner-freebsd-security Fri Jan 21 22:49:41 2000 Delivered-To: freebsd-security@freebsd.org Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2]) by hub.freebsd.org (Postfix) with ESMTP id 6686514E59 for ; Fri, 21 Jan 2000 22:49:39 -0800 (PST) (envelope-from brett@lariat.org) Received: from workhorse (IDENT:ppp0.lariat.org@lariat.lariat.org [206.100.185.2]) by lariat.lariat.org (8.9.3/8.9.3) with ESMTP id XAA00397; Fri, 21 Jan 2000 23:49:30 -0700 (MST) Message-Id: <4.2.2.20000121234647.01948870@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 Date: Fri, 21 Jan 2000 23:49:28 -0700 To: Matthew Dillon , gdonl@tsc.tdk.com (Don Lewis) From: Brett Glass Subject: Re: stream.c worst-case kernel paths Cc: security@FreeBSD.ORG In-Reply-To: <200001220639.WAA68014@apollo.backplane.com> References: <200001220624.WAA15869@salsa.gv.tsc.tdk.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 11:39 PM 1/21/2000 , Matthew Dillon wrote: > But he can't. We drop packets sent to multicast destinations and > any RST responses back to multicast sources will be rate-limited. OSPF > has its own protocol, it will ignore any TCP garbage on its multicast > address. Maybe. Or maybe the routers will do what the other boxes are doing: send one of several possible error responses (ICMP unreachable, etc.) BACK TO THE MULTICAST ADDRESS. I would not put it past them to have this misfeature. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message