From owner-freebsd-net@FreeBSD.ORG Thu May 19 09:42:27 2005 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 85F9216A4CE for ; Thu, 19 May 2005 09:42:27 +0000 (GMT) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 900C043D86 for ; Thu, 19 May 2005 09:42:26 +0000 (GMT) (envelope-from andre@freebsd.org) Received: (qmail 30610 invoked from network); 19 May 2005 09:39:13 -0000 Received: from unknown (HELO freebsd.org) ([62.48.0.53]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 19 May 2005 09:39:13 -0000 Message-ID: <428C5F89.2E595E02@freebsd.org> Date: Thu, 19 May 2005 11:42:33 +0200 From: Andre Oppermann X-Mailer: Mozilla 4.8 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Christian Brueffer References: <20050519093736.GA932@unixpages.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: tcp timestamp vulnerability? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 May 2005 09:42:27 -0000 Christian Brueffer wrote: > > Hi, > > has anyone taken a look at http://www.kb.cert.org/vuls/id/637934? sys/netinet/tcp_input.c Revision 1.270, Sun Apr 10 05:24:59 2005 UTC (5 weeks, 4 days ago) by ps Branch: MAIN Changes since 1.269: +23 -3 lines - Tighten up the Timestamp checks to prevent a spoofed segment from setting ts_recent to an arbitrary value, stopping further communication between the two hosts. - If the Echoed Timestamp is greater than the current time, fall back to the non RFC 1323 RTT calculation. Submitted by: Raja Mukerji (raja at moselle dot com) Reviewed by: Noritoshi Demizu, Mohan Srinivasan -- Andre