From: Mark Johnston
To: freebsd-security@freebsd.org
Date: Tue, 20 Apr 2004 15:47:14 -0500
Subject: Re: TCP RST attack
Message-Id: <200404201547.14796.mjohnston@skyweb.ca>
References: <6.0.3.0.0.20040420125557.06b10d48@209.112.4.2> <6.0.3.0.0.20040420144001.0723ab80@209.112.4.2> <20040420202422.GB3727@blossom.cjclark.org>
In-Reply-To: <20040420202422.GB3727@blossom.cjclark.org>

"Crist J. Clark" wrote:
> Arguments on the severity of the bug aside, FreeBSD does not
> have a working RFC2385 implementation.

It looks like bms@ committed half of one in February:

http://docs.freebsd.org/cgi/getmsg.cgi?fetch=1056731+0+/usr/local/www/db/text/2004/cvs-all/20040215.cvs-all

The vulnerability would still exist when the spoofed packets are directed towards a FreeBSD router, but it looks like this would protect its RFC2385-capable partner from the attack.

That doesn't help if the attacker knows which side of the link is which platform, but it reduces the likelihood of an unresearched attack being successful.

Mark
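
The asymmetry described in the message above, as an added example that is not part of the original message or of the FreeBSD commit: it computes the RFC 2385 digest and compares a peer that verifies inbound segments with a stack that only signs outbound ones. It assumes the "half" implementation means signing without verifying; the function names, addresses, ports and key are constructed for illustration.

```python
import hashlib, hmac, socket, struct

TCPOPT_MD5, TCPOLEN_MD5, RST = 19, 18, 0x04   # RFC 2385 option kind/length; RST flag

def digest(src, dst, hdr20, seg_len, payload, key):
    """RFC 2385 MD5 over: pseudo-header, 20-byte TCP header with checksum
    zeroed (options excluded), segment data, shared key."""
    pseudo = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, seg_len)
    return hashlib.md5(pseudo + hdr20[:16] + b"\0\0" + hdr20[18:20] + payload + key).digest()

def build(src, dst, sport, dport, seq, flags, payload=b"", key=None):
    """Raw TCP segment bytes (checksum left 0); carries option 19 when key is set."""
    opt_len = TCPOLEN_MD5 + 2 if key is not None else 0     # option + 2 pad bytes
    hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, 0,
                      ((20 + opt_len) // 4) << 4, flags, 65535, 0, 0)
    if key is None:
        return hdr + payload
    mac = digest(src, dst, hdr, 20 + opt_len + len(payload), payload, key)
    return hdr + bytes([TCPOPT_MD5, TCPOLEN_MD5]) + mac + b"\0\0" + payload

def signature_ok(src, dst, seg, key):
    """True only if seg carries option 19 holding the digest expected for key."""
    hlen = (seg[12] >> 4) * 4
    opts, payload, i = seg[20:hlen], seg[hlen:], 0
    while i < len(opts) and opts[i] != 0:                   # 0 = end of option list
        if opts[i] == 1:                                    # NOP
            i += 1
            continue
        length = opts[i + 1] if i + 1 < len(opts) else 0
        if length < 2 or i + length > len(opts):            # malformed option
            return False
        if opts[i] == TCPOPT_MD5 and length == TCPOLEN_MD5:
            want = digest(src, dst, seg[:20], len(seg), payload, key)
            return hmac.compare_digest(opts[i + 2:i + 18], want)
        i += length
    return False

def accepts(src, dst, seg, key, verifies):
    """A verifying peer drops unsigned or mis-signed segments; a sign-only
    stack (the assumed 'half' implementation) never checks inbound ones."""
    return signature_ok(src, dst, seg, key) if verifies else True

if __name__ == "__main__":
    A, B, KEY = "192.0.2.1", "192.0.2.2", b"constructed-key"   # constructed sample values
    unsigned_rst = build(A, B, 179, 40000, 1000, RST)          # no key: carries no option 19
    print("verifying peer accepts:", accepts(A, B, unsigned_rst, KEY, True))
    print("sign-only stack accepts:", accepts(A, B, unsigned_rst, KEY, False))
```

The protection only holds in the direction where the receiver checks the option, which is why the side that signs but does not verify still accepts the unsigned reset.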