[PATCH] SYN issue
rpaulo at freebsd.org
Fri May 22 00:08:05 UTC 2009
On 21 May 2009, at 18:37, David DeSimone wrote:
> Zachary Loafman <zachary.loafman at isilon.com> wrote:
>> After correcting the above, any SYN that doesn't exactly match
>> the initial sequence number results in a RST|ACK response and the
>> ESTABLISHED connection being dropped.
> Maybe I am jumping to conclusions here, but does this mean that
> can spoof a SYN from your IP and source port and force your connection
> to be torn down?
I don't think so. First of all the seq must be on the left of the recv
window, and second, we already do this for the right of the recv window.
I believe this is how the standard defined it to be.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 194 bytes
Desc: This is a digitally signed message part
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20090522/17e0013d/PGP.pgp
More information about the freebsd-net