Re: TCP vulnerability
From: Andre Oppermann (andre_at_freebsd.org)
Date: 04/24/04
- Previous message: Chuck Swiger: "Re: TCP vulnerability"
- In reply to: Chuck Swiger: "Re: TCP vulnerability"
- Next in thread: Alan Evans: "Re: TCP vulnerability"
- Reply: Alan Evans: "Re: TCP vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 24 Apr 2004 17:22:38 +0200 To: Chuck Swiger <cswiger@mac.com>
Chuck Swiger wrote:
>
> Alan Evans wrote:
> > I'm sure FreeBSD is vulnerable.
> >
> > http://www.us-cert.gov/cas/techalerts/TA04-111A.html
> >
> > There's a draft that (sort of) addresses this. Should
> > we adopt it?
>
> This issue is being discussed on freebsd-security now, and Mike Silbersack
> <silby@silby.com> has some patches available for review and testing.
There has been an additional problem in some BSD stacks with RST's
which has been fixed in FreeBSD about six years ago. The remaining
things which are addressed in that paper are hardening measures to
reduce the chances of a brute force blind attack. There *no* vulner-
ablility in the sense of "send packet x" and everything breaks.
-- Andre _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Chuck Swiger: "Re: TCP vulnerability"
- In reply to: Chuck Swiger: "Re: TCP vulnerability"
- Next in thread: Alan Evans: "Re: TCP vulnerability"
- Reply: Alan Evans: "Re: TCP vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
