Date: Wed, 3 Mar 2004 05:08:07 +1100 (Australia/ACT) From: Darren Reed <avalon@caligula.anu.edu.au> To: silby@silby.com (Mike Silbersack) Cc: freebsd-security@freebsd.org Subject: Re: mbuf vulnerability Message-ID: <200403021808.i22I87XN007054@caligula.anu.edu.au> In-Reply-To: <20040302113600.V12133@odysseus.silby.com> from "Mike Silbersack" at Mar 02, 2004 11:40:27 AM
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Mike Silbersack, sie said: > On Wed, 3 Mar 2004, Darren Reed wrote: > > Uh, what did you test and what did you test with ? > > FreeBSD 4.9 with ipf. > > > "strict" requires that the sequence number in packet n should match > > what that sequence number of the last byte in packet n-1 - i.e. no > > out of order delivery is permitted. > > > > Darren > > strict isn't in the ipf manpage, and ipf complains when I try using it. > > I did some more google searching which implies that "strict" is available > in ipfilter 4.x, not the 3.x series that ships with FreeBSD. Right, so your comment about it "not working" applies to 3.x (which is what comes with freebsd, currently), which is what i was hoping :) My comment was to say that with ipf4, you can address this problem. darren
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200403021808.i22I87XN007054>