Date: Mon, 24 Jan 2000 07:37:32 +1100 From: Peter Jeremy <peter.jeremy@alcatel.com.au> To: Brett Glass <brett@lariat.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: bugtraq posts: stream.c - new FreeBSD exploit? Message-ID: <00Jan24.073732est.115201@border.alcanet.com.au> In-Reply-To: <4.2.2.20000121104707.016b3f00@localhost>; from brett@lariat.org on Sat, Jan 22, 2000 at 04:49:02AM %2B1100 References: <4.2.2.20000121095431.01a23a90@localhost> <4.2.2.20000121104707.016b3f00@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2000-Jan-22 04:49:02 +1100, Brett Glass <brett@lariat.org> wrote: >Try tcp_restrict_rst in rc.conf. Not ideal but a good fast fix. Note that this relies on the following kernel option (which isn't in GENERIC): # TCP_RESTRICT_RST adds support for blocking the emission of TCP RST packets. # This is useful on systems which are exposed to SYN floods (e.g. IRC servers) # or any system which one does not want to be easily portscannable. # options TCP_RESTRICT_RST #restrict emission of TCP RST Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00Jan24.073732est.115201>