[13503] in bugtraq
Re: stream.c - new FreeBSD exploit?
daemon@ATHENA.MIT.EDU (Frank (sysadmin))
Sun Jan 23 17:51:39 2000
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="wRRV7LY7NUeQGEoC"
Message-Id: <20000122113951.A32334@student.rug.ac.be>
Date: Sat, 22 Jan 2000 11:39:51 +0100
Reply-To: "Frank (sysadmin)" <frank@STUDENT.RUG.AC.BE>
From: "Frank (sysadmin)" <frank@STUDENT.RUG.AC.BE>
X-To: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200001211446.BAA14549@cairo.anu.edu.au>; from
avalon@COOMBS.ANU.EDU.AU on Sat, Jan 22, 2000 at 01:46:41AM +1100
--wRRV7LY7NUeQGEoC
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
=20
> The above kernel message is from Linux 2.2, *NOT* FreeBSD.
>=20
> The behaviour and impact would appear to vary from OS to OS and maybe
> platform too. It does not appear to cause Solaris7/NetBSD to panic
> (in a hurry anyway).
Nothing on Windows 2000 (RC3) either ...
=20
Regarding the firewall rules: I know that the 'connection keeping' is
important, but difficult. I also know that ipfilter does The Right Way(tm).
How about others? Cisco has some connection keeping, but I heard that it is
not the same. Will it block the stream.c attack? And ipchains/ipfw? I guess
not, but would like some confirmation ...
frank
--=20
Frank Louwers Unix System Administrator
PGP: 1024D/3F6A7EDD D597 566A BDF5 BBFB C308 447A 5E81 1188 3F6A 7EDD
--wRRV7LY7NUeQGEoC
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE4iYj2XoERiD9qft0RARsdAJsEOnqszccQepfODu16VqQHJHdiigCg7eh3
qoOnRZZHJmSRH0sKe7xYYYw=
=WfHM
-----END PGP SIGNATURE-----
--wRRV7LY7NUeQGEoC--
