From: Mike Silbersack
Date: Fri, 11 Mar 2005 00:00:36 -0600 (CST)
To: gnn@freebsd.org
Cc: freebsd-net@freebsd.org, Anthony Atkielski
Subject: Re: Clock slew vulnerability in FreeBSD?
Message-ID: <20050310235904.N15599@odysseus.silby.com>

On Fri, 11 Mar 2005 gnn@freebsd.org wrote:

> As to how vulnerable FreeBSD is to this I do not know nor do I know if
> we should bother to do anything about it. What, in particular are you
> worried about here? Also, if you consider this a security issue you
> should probably also include the security team in this discussion.
>
> Later,
> George

I'd guess that we're fully "vulnerable" to this, but I don't see it really as an issue, unless someone is trying to hide a whole bunch of FreeBSD boxes behind that. And if that's what you're doing, run PF on the NAT machine, I think it has options to scramble such things, no matter what OS the clients behind it are running.

Mike "Silby" Silbersack