From owner-freebsd-bugs Sun Nov 26 21:50: 4 2000
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 2F26537B4E5 for ; Sun, 26 Nov 2000 21:50:01 -0800 (PST)
Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id VAA79599; Sun, 26 Nov 2000 21:50:01 -0800 (PST) (envelope-from gnats@FreeBSD.org)
Received: from november.jaded.net (november.jaded.net [216.94.132.37]) by hub.freebsd.org (Postfix) with ESMTP id 8B10A37B4D7 for ; Sun, 26 Nov 2000 21:41:34 -0800 (PST)
Received: (from pjp@localhost) by november.jaded.net (8.9.3/8.9.3+trinsec_nospam) id AAA95572; Mon, 27 Nov 2000 00:48:49 -0500 (EST)
Message-Id: <200011270548.AAA95572@november.jaded.net>
Date: Mon, 27 Nov 2000 00:48:49 -0500 (EST)
From: PEEETER
Reply-To: pjp@november.jaded.net
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.2
Subject: kern/23123: Turn off IP Options in IPSTEALTH mode
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>Number: 23123
>Category: kern
>Synopsis: IP options reveal IPstealth mode. Just turn them off.
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Nov 26 21:50:00 PST 2000
>Closed-Date:
>Last-Modified:
>Originator: PEEETER
>Release: FreeBSD 3.5-RELEASE i386
>Organization: Daemonium & Group of Nine
>Environment:
patch untested for 5.0-current.
>Description:
Most IP options allow a hop to be recorded. This defies IPSTEALTH mode, whose purpose, it seems, is to hide from someone tracing. In simple form, ping -R in the vicinity of 10 hops will find an IPSTEALTH'ed router. All other options also apply, where a neat one would be a brute-force search of IPs in the timestamp pre-specified IP option. My attached fix will just avoid processing IP options. I have not tested this at all, but theoretically it should do what I don't want it to do (ermm ;)
>How-To-Repeat:
ping -R host #reveals IPSTEALTH'ed router in route path.
>Fix:
Index: ip_input.c =================================================================== RCS file: /usr/local/freebsd_repo/src/sys/netinet/ip_input.c,v retrieving revision 1.149 diff -u -r1.149 ip_input.c --- ip_input.c 2000/11/25 07:35:33 1.149 +++ ip_input.c 2000/11/27 05:37:52 
@@ -457,6 +457,12 @@ * to be sent and the original packet to be freed). */ ip_nhops = 0; /* for source routed packets */ + +#ifdef IPSTEALTH + /* IP Options reveal us so we don't process them in stealth mode */ + + if (! ipstealth) +#endif if (hlen > sizeof (struct ip) && ip_dooptions(m)) { #ifdef IPFIREWALL_FORWARD ip_fw_fwd_addr = NULL; >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
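
Review bot: The `if (! ipstealth)` inside `#ifdef IPSTEALTH` has no statement of its own and takes the existing `if (hlen > sizeof (struct ip) && ip_dooptions(m))` after the `#endif` as its body, so anything later inserted between the two silently becomes the guarded statement instead. Putting the test into the condition itself within the conditional block, or bracing the guarded statement, would make the intent explicit, and the blank line between the comment and the `if` can go. The guard also applies to every packet with options that reaches this point: with `ipstealth` set, `ip_dooptions(m)` is never called, so the branch taken on its nonzero return is skipped as well and options are ignored regardless of where the packet is headed, as far as these lines show. If only forwarded traffic is meant to be covered, the condition should say so; otherwise the comment should state that option processing is disabled entirely. The report marks the change as untested, so a `ping -R` run through a stealth router before and after would be worth attaching.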
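
For the monitoring side of the description above, an added example (not part of the original report and not FreeBSD code): a C function that walks one IPv4 header and reports which of the hop-recording options from RFC 791 it carries. The function name, flag names and sample header are this example's own and are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* IPv4 option types (RFC 791) that make routers write their address into the packet. */
enum { OPT_EOL = 0, OPT_NOP = 1, OPT_RR = 7, OPT_TS = 68, OPT_LSRR = 131, OPT_SSRR = 137 };
/* Result flags (names are this example's own, not from any kernel header). */
enum { F_RR = 1, F_TS = 2, F_LSRR = 4, F_SSRR = 8 };

/* Walk the options of one IPv4 header. Returns an F_* bitmask, or -1 if malformed. */
int hop_recording_options(const uint8_t *hdr, size_t len)
{
    if (len < 20 || (hdr[0] >> 4) != 4)
        return -1;
    size_t hlen = (size_t)(hdr[0] & 0x0f) * 4;   /* IHL counts 32-bit words */
    if (hlen < 20 || hlen > len)
        return -1;
    int found = 0;
    for (size_t i = 20; i < hlen; ) {
        uint8_t type = hdr[i];
        if (type == OPT_EOL)
            break;                               /* end of option list */
        if (type == OPT_NOP) { i++; continue; }  /* single-byte padding */
        if (i + 1 >= hlen || hdr[i + 1] < 2 || i + hdr[i + 1] > hlen)
            return -1;                           /* truncated or bad option length */
        if (type == OPT_RR)   found |= F_RR;
        if (type == OPT_TS)   found |= F_TS;
        if (type == OPT_LSRR) found |= F_LSRR;
        if (type == OPT_SSRR) found |= F_SSRR;
        i += hdr[i + 1];
    }
    return found;
}

/* Constructed sample: 32-byte header (IHL=8) with NOP + Record Route, two empty slots. */
const uint8_t sample_rr[32] = {
    0x48, 0, 0, 32,  0, 0, 0, 0,  64, 1, 0, 0,      /* ver/IHL .. checksum (left zero) */
    192, 0, 2, 1,  198, 51, 100, 7,                /* documentation-range addresses */
    OPT_NOP, OPT_RR, 11, 4,  0, 0, 0, 0,  0, 0, 0, 0
};

int main(void)
{
    uint8_t bad[32];
    memcpy(bad, sample_rr, sizeof bad);
    bad[22] = 12;                                  /* RR length now overruns the header */
    printf("rr=%d bad=%d\n", hop_recording_options(sample_rr, 32), hop_recording_options(bad, 32));
    return 0;
}
```

A nonzero result marks a packet that asks each option-processing hop to record itself, which is the traffic the report's `ping -R` case generates.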