From owner-freebsd-security@FreeBSD.ORG  Tue Sep  8 21:37:06 2009
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 80DF2106566C
	for <freebsd-security@freebsd.org>;
	Tue,  8 Sep 2009 21:37:06 +0000 (UTC) (envelope-from des@des.no)
Received: from tim.des.no (tim.des.no [194.63.250.121])
	by mx1.freebsd.org (Postfix) with ESMTP id 4629B8FC16
	for <freebsd-security@freebsd.org>;
	Tue,  8 Sep 2009 21:37:05 +0000 (UTC)
Received: from ds4.des.no (des.no [84.49.246.2])
	by smtp.des.no (Postfix) with ESMTP id 321696D418;
	Tue,  8 Sep 2009 21:37:05 +0000 (UTC)
Received: by ds4.des.no (Postfix, from userid 1001)
	id 03CC9844B4; Tue,  8 Sep 2009 23:37:05 +0200 (CEST)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: Andrew Storms <astorms@ncircle.com>
References: <C6CBF6E8.26CD9%astorms@ncircle.com>
Date: Tue, 08 Sep 2009 23:37:04 +0200
In-Reply-To: <C6CBF6E8.26CD9%astorms@ncircle.com> (Andrew Storms's message of
	"Tue, 08 Sep 2009 11:56:24 -0700")
Message-ID: <86my55nmnz.fsf@ds4.des.no>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>
Subject: Re: CVE-2008-4609
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Sep 2009 21:37:06 -0000

Andrew Storms <astorms@ncircle.com> writes:
> Now that the details are out - MS and Cisco patched today.  I went
> looking back into the FreeBSD security announcements and don't seem to
> be able to find any references for a patch.  Did FreeBSD already patch
> or discuss this bug and I missed it?

This is old news:

http://www.google.com/#&q=3Dsockstress

The initial version was just connection flooding - they thought it was a
big deal because they came up with a very clever and complicated setup
to increase the flood rate, when in fact a short C program using bpf
could have done the job just as well.  When people pointed out that it
was a load of bs, they started making wild claims about more serious
attacks, the details of which would be released at the next compsec
conference, except not really, because we're still working on it, but
the next one, we promise, for real this time...

Just read their website (http://www.sockstress.com/), it'll give you an
idea of just how far off their rocker they are.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no