Date: Tue, 20 Apr 2004 15:47:14 -0500
From: Mark Johnston <mjohnston@skyweb.ca>
To: freebsd-security@freebsd.org
Subject: Re: TCP RST attack
Message-ID: <200404201547.14796.mjohnston@skyweb.ca>
In-Reply-To: <20040420202422.GB3727@blossom.cjclark.org>
References: <6.0.3.0.0.20040420125557.06b10d48@209.112.4.2> <6.0.3.0.0.20040420144001.0723ab80@209.112.4.2> <20040420202422.GB3727@blossom.cjclark.org>

"Crist J. Clark" <cristjc@comcast.net> wrote:
> Arguments on the severity of the bug aside, FreeBSD does not
> have a working RFC2385 implementation.

It looks like bms@ committed half of one in February:

http://docs.freebsd.org/cgi/getmsg.cgi?fetch=1056731+0+/usr/local/www/db/text/2004/cvs-all/20040215.cvs-all

The vulnerability would still exist when the spoofed packets are directed towards a FreeBSD router, but it looks like this would protect its RFC2385-capable partner from the attack. That doesn't help if the attacker knows which side of the link is which platform, but it reduces the likelihood of an unresearched attack being successful.

Mark
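
An added sketch, not part of the message above or of the FreeBSD commit it links to, of the asymmetry the message describes: a peer that verifies RFC 2385 signatures drops a spoofed RST, while a side that only signs what it sends still accepts it. It assumes "half" means outbound signing without inbound verification and leaves out sequence-number window checks; the addresses, ports, key and function names are constructed for the illustration.

```python
import hashlib
import hmac
import socket
import struct

RST = 0x04  # TCP RST flag bit

def base_header(sport, dport, seq, flags, signed):
    # Data offset is 10 words when the 18-byte MD5 option (padded to 20) is present.
    offset = 10 if signed else 5
    return struct.pack("!HHIIBBHHH", sport, dport, seq, 0, offset << 4, flags, 65535, 0, 0)

def tcp_md5_digest(src, dst, hdr, payload, key):
    # RFC 2385 input order: pseudo-header, TCP header without options and with
    # a zero checksum, segment data, then the shared key.
    seg_len = (hdr[12] >> 4) * 4 + len(payload)
    pseudo = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, seg_len)
    zeroed = hdr[:16] + b"\x00\x00" + hdr[18:20]
    return hashlib.md5(pseudo + zeroed + payload + key).digest()

def make_segment(src, dst, sport, dport, seq, flags, key=None, payload=b""):
    hdr = base_header(sport, dport, seq, flags, signed=key is not None)
    sig = tcp_md5_digest(src, dst, hdr, payload, key) if key is not None else None
    return {"src": src, "dst": dst, "hdr": hdr, "payload": payload, "sig": sig}

def accepts(seg, key, verify_inbound):
    # verify_inbound=False is the assumed "half" implementation: it signs what
    # it sends but does not check signatures on what it receives.
    if not verify_inbound:
        return True
    if seg["sig"] is None:
        return False
    expected = tcp_md5_digest(seg["src"], seg["dst"], seg["hdr"], seg["payload"], key)
    return hmac.compare_digest(expected, seg["sig"])

def run_demo():
    key = b"constructed-shared-secret"   # constructed sample key
    a, b = "192.0.2.1", "192.0.2.2"      # constructed documentation addresses
    unsigned_rst = make_segment(a, b, 179, 40000, 1000, RST)
    wrong_key_rst = make_segment(a, b, 179, 40000, 1000, RST, key=b"guess")
    peer_rst = make_segment(a, b, 179, 40000, 1000, RST, key=key)
    return {
        "verifier/unsigned": accepts(unsigned_rst, key, True),
        "verifier/wrong-key": accepts(wrong_key_rst, key, True),
        "verifier/genuine": accepts(peer_rst, key, True),
        "sign-only/unsigned": accepts(unsigned_rst, key, False),
    }

if __name__ == "__main__":
    print(run_demo())
```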