Bugtraq mailing list archives
Multicast from hell
From: jwatkin () HUNGRY COM (John Watkins)
Date: Thu, 27 Jan 2000 09:12:47 -0700
Here is a patch for FreeBSD --- tcp_input.c.orig Tue Apr 20 15:09:15 1999 +++ tcp_input.c Fri Jan 21 21:53:00 2000 @@ -398,12 +398,36 @@ "Connection attempt to TCP %s:%d from %s:%d\n", buf, ntohs(ti->ti_dport), inet_ntoa(ti->ti_src), ntohs(ti->ti_sport)); - } + } else if (tiflags & TH_ACK) { + /* + * Alpha code in response to stream.c + * - Omachonu Ogali + */ + char buf[4*sizeof "123"]; + +#ifdef ICMP_BANDLIM + if (badport_bandlim(1) < 0) + goto drop; +#endif + + strcpy(buf, inet_ntoa(ti->ti_dst)); + log(LOG_INFO, + "received TCP/ACK to non existant connection: %s:%d -> %s:%d\n", + inet_ntoa(ti->ti_src), ntohs(ti->ti_sport), buf, ntohs(ti->ti_dport)); + + /* + * Drop without reset to prevent smurf-like tcp + * attack + */ + + goto drop; + } else { #ifdef ICMP_BANDLIM if (badport_bandlim(1) < 0) goto drop; #endif goto dropwithreset; + } } tp = intotcpcb(inp); if (tp == 0)
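Review bot: the arm that logs "Connection attempt to TCP" no longer reaches goto dropwithreset. Replacing its closing } with "} else if (tiflags & TH_ACK) {" and moving the bandlim check and goto dropwithreset under "} else {" makes the three arms mutually exclusive, so after the connection-attempt log, control leaves the chain and continues at tp = intotcpcb(inp); instead of dropping the segment. Suggest closing the logging block with the original } and testing TH_ACK in its own if placed ahead of the existing bandlim / goto dropwithreset lines, so the logging arm still falls through to the reset path. Two smaller points in the new arm: badport_bandlim(1) is only compiled in under ICMP_BANDLIM, so without that option every stray ACK writes a LOG_INFO line and the log itself becomes a flooding target; and "non existant" in the log string should read "non-existent".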