From owner-freebsd-security Fri Jan 21 16:57:56 2000 Delivered-To: freebsd-security@freebsd.org Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2]) by hub.freebsd.org (Postfix) with ESMTP id 1E015155A9 for ; Fri, 21 Jan 2000 16:57:53 -0800 (PST) (envelope-from brett@lariat.org) Received: from workhorse (IDENT:ppp0.lariat.org@lariat.lariat.org [206.100.185.2]) by lariat.lariat.org (8.9.3/8.9.3) with ESMTP id RAA26745; Fri, 21 Jan 2000 17:57:39 -0700 (MST) Message-Id: <4.2.2.20000121174940.019bd1a0@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 Date: Fri, 21 Jan 2000 17:51:26 -0700 To: Matthew Dillon From: Brett Glass Subject: Re: stream.c worst-case kernel paths Cc: Warner Losh , Darren Reed , security@FreeBSD.ORG In-Reply-To: <200001220035.QAA65392@apollo.backplane.com> References: <200001210417.PAA24853@cairo.anu.edu.au> <200001210642.XAA09108@harmony.village.org> <4.2.2.20000121163937.01a51dc0@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 05:35 PM 1/21/2000 , Matthew Dillon wrote: > I wouldn't worry about multicast addresses for several reasons. First, very > few machines actually run a multicast router. No router, no problem. I'm not so sure. Using a multicast address as the source address for an attack (like this one) does seem to be tying systems up into little tiny pretzel knots as they try to send RSTs to those addresses. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message