Proposed RST patch
Mike Silbersack
silby at silby.com
Fri Apr 23 23:15:06 PDT 2004
On Fri, 23 Apr 2004, Don Lewis wrote:
> > + if (tp->last_ack_sent != th->th_seq) {
>
> I'd reverse the operand order here to match the operand order of the
> enclosing "if" block. Other than that tiny nit, this looks fine.
Ok, I can do that. I also plan to update the comments above.
> What is our status with regards to the spoofed SYN version of the
> attack?
I haven't checked yet. I just finished up modifying the exploit so that
it uses icmp unreachables rather than TCP RSTs. In addition to being a
good less in libnet, it helped prove that FreeBSD is already good wrt
unreach packets (due to work by jlemon and jayanth, IIRC), although I did
not test any other operating systems... (Perhaps the draft should have
mentioned icmp unreach packets given that they may be handled similarly to
RSTs.)
SYNs are next on the list.
Mike "Silby" Silbersack
More information about the freebsd-security
mailing list