Date: Tue, 2 Mar 2004 14:43:39 +0100 From: Stefan Bethke <stb@lassitu.de> To: Mike Silbersack <silby@silby.com> Cc: freebsd-security@freebsd.org Subject: Re: mbuf vulnerability Message-ID: <9CDEFA50-6C4F-11D8-9FC0-000393496BE8@lassitu.de> In-Reply-To: <20040301113726.T17968@odysseus.silby.com> References: <6.0.3.0.0.20040229182702.07a67a68@209.112.4.2> <20040301103615.GB97298@starjuice.net> <20040301113726.T17968@odysseus.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 01.03.2004 um 18:42 schrieb Mike Silbersack: > A specially constructed stateful firewall could be constructed to deal > with this DoS, but I'm certain that there's no way you could use ipf or > anything preexisting to do the job. OpenBSD's pf scrubbing should be helpful here. From the FAQ: > The scrub directive also reassembles fragmented packets, protecting > some operating systems from some forms of attack. <http://www.openbsd.org/faq/pf/scrub.html> Our port is only for 5.0 or newer, though. -- Stefan Bethke <stb@lassitu.de> Fon +49 170 346 0140
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9CDEFA50-6C4F-11D8-9FC0-000393496BE8>