cvs commit: src/sys/netinet tcp_input.c tcp_var.h
Mike Silbersack
silby at silby.com
Sun Apr 25 20:00:25 PDT 2004
On Sun, 25 Apr 2004, Mike Silbersack wrote:
> silby 2004/04/25 19:56:31 PDT
>
> FreeBSD src repository
>
> Modified files:
> sys/netinet tcp_input.c tcp_var.h
> Log:
> Tighten up reset handling in order to make reset attacks as difficult as
> possible while maintaining compatibility with the widest range of TCP stacks.
I'm going to let this settle in -current for a little while before MFCing
it. Note that we're still vulnerable to reset attacks which use SYN
packets, so there's little benefit to a quick MFC anyway. <g>
Discussion on how to deal with the SYN reset attack is still ongoing.
Mike "Silby" Silbersack
More information about the cvs-src
mailing list