Date: Thu, 20 Nov 1997 11:15:42 -0800 (PST) From: Matt Dillon <dillon@best.net> To: spork <spork@super-g.com> Cc: GNATS Management <gnats@FreeBSD.ORG>, freebsd-questions@FreeBSD.ORG Subject: Re: kern/5103: FreeBSD kernel lockup from spoofed TCP packet Message-ID: <199711201915.LAA28437@flea.best.net>
next in thread | raw e-mail | index | archive | help
This was my quick and dirty hack, but it's unverified whether
it stops the attack. It should.
-Matt
:
:This is a nasty one, care to share your hack-patch?
:
:Charles Sprickman
:spork@super-g.com
tick:/usr/src/sys/netinet# diff -c LINK/tcp_input.c tcp_input.c
*** LINK/tcp_input.c Thu Oct 23 14:19:23 1997
--- tcp_input.c Thu Nov 20 03:38:59 1997
***************
*** 315,321 ****
--- 315,329 ----
tcpstat.tcps_rcvbadsum++;
goto drop;
}
+
#endif /* TUBA_INCLUDE */
+ /*
+ * Check that TCP port pair makes sense XXX MATT HACK
+ */
+ if (ti->ti_src.s_addr == ti->ti_dst.s_addr && ti->ti_sport == ti->ti_dport) {
+ tcpstat.tcps_rcvshort++; /* actually error */
+ goto drop;
+ }
/*
* Check that TCP offset makes sense,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199711201915.LAA28437>