Date: Sat, 22 Jan 2000 18:47:38 -0800 From: Don Lewis <Don.Lewis@tsc.tdk.com> To: Brett Glass <brett@lariat.org> Cc: security@FreeBSD.ORG Subject: Re: stream.c worst-case kernel paths Message-ID: <200001230247.SAA18398@salsa.gv.tsc.tdk.com> In-Reply-To: <4.2.2.20000122081057.01992100@localhost> References: <Your message of "Sat, 22 Jan 2000 00:29:21 -0700"> <4.2.2.20000122002353.019b9c10@localhost> <4.2.2.20000122081057.01992100@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jan 22, 8:19am, Brett Glass wrote: } Subject: Re: stream.c worst-case kernel paths } RST+SYN and RST+FIN should definitely be dropped. I don't know what } one would do with RST+URG or RST+PSH; I would tend to think that } one would want to drop these rather than letting them modify } the state of any connection, since they could be part of an } attack. It's probably not worth the code to handle these in any special way. The FIN, URG, and PSH bits are looked at except for normal data packets that have gotten pretty far into the code. If the RST bit is set, the packet will be diverted into a different path. To do any harm with any of these bits, an attacker has to be able to be able to get past the sequence number checks, and if the attacker can to that the game is over no matter what sort of additional sanity checks one tries to implement. The only real additional protection is called IPSEC. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001230247.SAA18398>