Date: Sun, 17 Dec 2000 16:23:46 -0800 From: "David Schwartz" <davids@webmaster.com> To: "Poul-Henning Kamp" <phk@critter.freebsd.dk>, "Kris Kennaway" <kris@FreeBSD.org> Cc: <cvs-all@FreeBSD.org>, <security-officer@FreeBSD.org> Subject: RE: cvs commit: src/sys/netinet ip_icmp.c tcp_subr.c tcp_var.h Message-ID: <NCBBLIEPOCNJOAEKBEAKCEFFMIAA.davids@webmaster.com> In-Reply-To: <17340.977045052@critter>
next in thread | previous in thread | raw e-mail | index | archive | help
> Since we only react to this in "SYN-SENT" I think the window of > opportunity is rather small in the first place... That assumes you don't know exactly when and where a machine is going to make a particular connection attempt. But there are security-critical tests wherein the attacker would know this exact information. Consider, for example, an ident check. When I connect to you, I know you are immediately going to make an outbound connection to a particular IP and port. Similar arguments could be made about NIS. The same goes for proxy checking. Consider a chat server immediately after a split. I'm sure others could think of more (and more serious) examples. My understanding was that modern operating systems do not follow the RFC in this respect. They simply store the information and use it to (possibly) modify the error code they return when/if the connection attempt fails. DS To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NCBBLIEPOCNJOAEKBEAKCEFFMIAA.davids>