Re: [SECURITY] CERT/CC VU#464113, SYN plus RST/FIN

From: Alan Cox (alan@lxorguk.ukuu.org.uk)
Date: Fri Oct 25 2002 - 05:25:21 EST


On Fri, 2002-10-25 at 10:00, Florian Weimer wrote:
> This patch prevents SYN+RST and SYN+FIN segments which arrive in the
> LISTEN state from initiating a three-way handshake.
>
> I'm not sure if it is correct, but it's better than nothing (so far, I
> haven't seen any patch for this issue).

I would disagree with the th->fin check. We don't want to break stuff
that is doing T/TCP initially. (Yes the advice people gave is badly
wrong - SYN|ACK|FIN is legal for example and some stacks generate it)

The th->rst is clearly correct however.
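
The check this reply argues for, as an added example that is not part of the original message or of the patch under discussion: a LISTEN-state classifier that refuses any segment carrying RST (so SYN+RST never starts a handshake) but does not test FIN, so SYN+FIN still proceeds. The names `listen_classify` and `classify_flags` are hypothetical, and the RST, ACK, SYN test order is assumed from RFC 793's LISTEN processing, not taken from the kernel source.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* TCP flag bits, byte 13 of the TCP header (RFC 793). */
#define TCP_FIN 0x01
#define TCP_SYN 0x02
#define TCP_RST 0x04
#define TCP_ACK 0x10

enum listen_verdict { LISTEN_DROP, LISTEN_SEND_RST, LISTEN_START_HANDSHAKE };

/* Hypothetical helper: what a LISTEN socket does with an incoming segment.
 * Order assumed from RFC 793 "SEGMENT ARRIVES", LISTEN state: RST, ACK, SYN.
 * FIN is deliberately not tested, so SYN+FIN still opens a connection. */
enum listen_verdict listen_classify(const uint8_t *tcp_hdr, size_t len)
{
    if (tcp_hdr == NULL || len < 20)   /* shorter than a minimal TCP header */
        return LISTEN_DROP;
    uint8_t flags = tcp_hdr[13];
    if (flags & TCP_RST)               /* covers SYN+RST: silently discard */
        return LISTEN_DROP;
    if (flags & TCP_ACK)               /* nothing to acknowledge in LISTEN */
        return LISTEN_SEND_RST;
    if (flags & TCP_SYN)               /* plain SYN, or SYN+FIN */
        return LISTEN_START_HANDSHAKE;
    return LISTEN_DROP;
}

/* Constructed sample input: a zeroed 20-byte header with only the
 * data offset and the flag byte filled in. */
enum listen_verdict classify_flags(uint8_t flags)
{
    uint8_t hdr[20] = {0};
    hdr[12] = 5 << 4;                  /* data offset: 5 32-bit words */
    hdr[13] = flags;
    return listen_classify(hdr, sizeof hdr);
}

int main(void)
{
    static const char *name[] = { "drop", "send RST", "start handshake" };
    printf("SYN     -> %s\n", name[classify_flags(TCP_SYN)]);
    printf("SYN+RST -> %s\n", name[classify_flags(TCP_SYN | TCP_RST)]);
    printf("SYN+FIN -> %s\n", name[classify_flags(TCP_SYN | TCP_FIN)]);
    return 0;
}
```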
