Date: Wed, 21 Apr 2004 01:02:54 +0100 From: Bruce M Simpson <bms@spc.org> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: freebsd-security@freebsd.org Subject: Re: TCP RST attack Message-ID: <20040421000254.GK724@empiric.dek.spc.org> In-Reply-To: <200404202045.i3KKjKSb090656@apollo.backplane.com> References: <6.0.3.0.0.20040420125557.06b10d48@209.112.4.2> <593EE0FE-9309-11D8-A8CA-003065ABFD92@mac.com> <200404202045.i3KKjKSb090656@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Apr 20, 2004 at 01:45:20PM -0700, Matthew Dillon wrote: > 99.9% of all BGP links are direct connections (meaning that they > terminate at a router rather then pass through one). No packet to > or from port 179 has any business being routed from one network to > another in virtually all BGP link setups so the fix is utterly trivial. This isn't necessarily the case with eBGP multihop or route-server based setups. Regards, BMS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040421000254.GK724>