Bugtraq mailing list archives
Re: explanation and code for stream.c issues
From: yardley () UIUC EDU (Tim Yardley)
Date: Fri, 21 Jan 2000 11:42:24 -0600
At 11:25 AM 1/21/2000, Tim Yardley wrote:
stream.c issues --------------------------------------------------- :: temp remedy (exec summary) --------------------------------------------------- If you use ipfilter... -- start rule set -- block in quick proto tcp from any to any head 100 pass in quick proto tcp from any to any flags S keep state group 100 pass in all -- end rule set -- That will help you "stop" the attack, although it will still use some CPU though Note: If you use IPFW, there is no immediate way to solve this problem due to the fact that it is a stateless firewall. If you are getting attacked, then temporarily use ipfilter to stop it. Otherwise, wait for vendor patches. FreeBSD "unofficial patch" by Alfred Perlstein: http://www.freebsd.org/~alfred/tcp_fix.diff
<snip>
-- start stream.c --
<snip>
packet.tcp.th_flags = 0;
change this to a little different effect: packet.tcp.th_flags = TH_ACK; <snip> /tmy -- Diving into infinity my consciousness expands in inverse proportion to my distance from singularity +-------- ------- ------ ----- ---- --- -- ------ --------+ | Tim Yardley (yardley () uiuc edu) | http://www.students.uiuc.edu/~yardley/ +-------- ------- ------ ----- ---- --- -- ------ --------+
Current thread:
- Re: ICQ Buffer Overflow Exploit Thomas Maschutznig (Jan 15)
- <Possible follow-ups>
- Re: ICQ Buffer Overflow Exploit x-x-x-x-x-x-x-x-x (Jan 18)
- Re: ICQ Buffer Overflow Exploit Bryce Walter (Jan 18)
- Re: ICQ Buffer Overflow Exploit Jeremy Johnson (Jan 19)
- Re: ICQ Buffer Overflow Exploit Nick Summy (Jan 19)
- Re: ICQ Buffer Overflow Exploit Dylan Griffiths (Jan 19)
- explanation and code for stream.c issues Tim Yardley (Jan 21)
- Re: explanation and code for stream.c issues Tim Yardley (Jan 21)
- Re: explanation and code for stream.c issues Tim Yardley (Jan 21)
- Re: explanation and code for stream.c issues Erik Fichtner (Jan 21)
- Re: explanation and code for stream.c issues Brett Glass (Jan 21)
- S/Key & OPIE Database Vulnerability harikiri (Jan 21)
- Re: S/Key & OPIE Database Vulnerability David Maxwell (Jan 23)
- S/Key & OPIE Database Vulnerability Steve VanDevender (Jan 23)
- Re: S/Key & OPIE Database Vulnerability Evil Pete (Jan 24)
- Re: S/Key & OPIE Database Vulnerability Mudge (Jan 25)
- Re: S/Key & OPIE Database Vulnerability Steve VanDevender (Jan 25)
- Re: S/Key & OPIE Database Vulnerability Mudge (Jan 25)