Date: Fri, 21 Jan 2000 07:15:26 -0800 From: gdonl@tsc.tdk.com (Don Lewis) To: gdonl@tsc.tdk.com (Don Lewis), Darren Reed <avalon@coombs.anu.edu.au>, brett@lariat.org (Brett Glass) Cc: security@FreeBSD.ORG Subject: Re: stream.c worst-case kernel paths Message-ID: <200001211515.HAA13087@salsa.gv.tsc.tdk.com> In-Reply-To: gdonl@tsc.tdk.com (Don Lewis) "Re: stream.c worst-case kernel paths" (Jan 21, 6:55am)
next in thread | raw e-mail | index | archive | help
On Jan 21, 6:55am, Don Lewis wrote: } Subject: Re: stream.c worst-case kernel paths } In some mail from Brett Glass, sie said: } > Trouble is, a smart attacker will fire the barrage at a port on which the machine is } > listening. This makes the code path longer because the hash table lookup will succeed. } } Good catch. I figured that skipping the extra hash lookup would be a } good optimizatin, but I didn't notice this problem. I forgot to mention that this also fixes the bug (that we previously fixed another way) that leaks information about which sockets are listening to port scanners that send ACK-only packets. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001211515.HAA13087>