Date: Sat, 24 Apr 2004 17:22:38 +0200 From: Andre Oppermann <andre@freebsd.org> To: Chuck Swiger <cswiger@mac.com> Cc: net@freebsd.org Subject: Re: TCP vulnerability Message-ID: <408A863E.B6E60792@freebsd.org> References: <20040424144535.81824.qmail@web80106.mail.yahoo.com> <408A8127.6010908@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Chuck Swiger wrote: > > Alan Evans wrote: > > I'm sure FreeBSD is vulnerable. > > > > http://www.us-cert.gov/cas/techalerts/TA04-111A.html > > > > There's a draft that (sort of) addresses this. Should > > we adopt it? > > This issue is being discussed on freebsd-security now, and Mike Silbersack > <silby@silby.com> has some patches available for review and testing. There has been an additional problem in some BSD stacks with RST's which has been fixed in FreeBSD about six years ago. The remaining things which are addressed in that paper are hardening measures to reduce the chances of a brute force blind attack. There *no* vulner- ablility in the sense of "send packet x" and everything breaks. -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?408A863E.B6E60792>