Bugtraq mailing list archives
Re: PIX DMZ Denial of Service - TCP Resets
From: Guido.vanRooij () NL ORIGIN-IT COM (Guido van Rooij)
Date: Mon, 27 Mar 2000 13:57:43 +0200
On Wed, Mar 22, 2000 at 02:25:16AM +1100, Darren Reed wrote:
The general gist of this problem is poorly implemented TCP connection state tracking. You *must* track window sizes and sequence numbers and acknowledgments to at least reduce the chance of any given TCP packet from "outside" actually being part of that connection.
The current implementation of this in IPfilter will be covered in a paper that is due for SANE2000 (http://www.nluug.nl/events/sane2000/). The submitted paper can be found at http://www.iae.nl/users/guido/papers/tcp_filtering.ps.gz Comments are welcome! -Guido
Current thread:
- Re: IE and Outlook 5.x allow executing arbitrary programs using .emlfiles, (continued)
- Re: IE and Outlook 5.x allow executing arbitrary programs using .emlfiles Sylwester Zarębski (Mar 15)
- Re: IE and Outlook 5.x allow executing arbitrary programs using .eml files David LeBlanc (Mar 15)
- Re: IE and Outlook 5.x allow executing arbitrary programs using.eml files Georgi Guninski (Mar 17)
- Re: IE and Outlook 5.x allow executing arbitrary programs using .eml files Ryan Russell (Mar 15)
- [TL-Security-Announce] dump-0.4b11-1 and earlier TLSA200007-1 Katie Moussouris (Mar 15)
- Process hiding in linux Pavel Machek (Mar 15)
- Re: Process hiding in linux Peter W (Mar 17)
- PIX DMZ Denial of Service - TCP Resets Andrew Alston (Mar 20)
- vqserver /........../ Johan Nilsson (Mar 21)
- Re: PIX DMZ Denial of Service - TCP Resets Darren Reed (Mar 21)
- Re: PIX DMZ Denial of Service - TCP Resets Guido van Rooij (Mar 27)
- Re: Process hiding in linux Peter W (Mar 17)
- Re: Process hiding in linux Pavel Machek (Mar 20)
- Security Bulletins Digest Aleph One (Mar 20)
- Hide Drives does not work with OUTLOOK 98. jhw1970 () HOTMAIL COM (Mar 22)
- Re: Process hiding in linux egmont () FAZEKAS HU (Mar 22)