[Full-Disclosure] IETF Draft - Fix for TCP vulnerability (fwd)
Mike Silbersack
silby at silby.com
Wed Apr 21 23:22:06 PDT 2004
On Wed, 21 Apr 2004, Don Lewis wrote:
> On 21 Apr, Mike Silbersack wrote:
> > Do you have access to a system that exhibits the "RST at end of window"
> > syndrome so that you could code up and test out this part of the patch?
>
> Nope. The only report of this that I saw was from jayanth. Judging by
> the tcpdump timestamps, it looks like whatever this wierd piece of
> hardware was, it was nearby.
Something just occured to me... we can just lump the "RST at end of
window" case into the whole "RST somewhere in the window case". In that
way, we only need two cases:
1. RSTs exactly at last_ack_sent (always accepted)
2. Everything else in the window (only accepted if "not under attack".)
I could code up and test this over the weekend, if it sounds like a
solution we're willing to go with.
Mike "Silby" Silbersack
More information about the freebsd-security
mailing list