[13587] in bugtraq
Multicast from hell
daemon@ATHENA.MIT.EDU (John Watkins)
Thu Jan 27 13:38:01 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <38906E7F.1B9E5797@hungry.com>
Date: Thu, 27 Jan 2000 09:12:47 -0700
Reply-To: jwatkins@hungry.com
From: John Watkins <jwatkin@HUNGRY.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Here is a patch for FreeBSD
--- tcp_input.c.orig Tue Apr 20 15:09:15 1999
+++ tcp_input.c Fri Jan 21 21:53:00 2000
@@ -398,12 +398,36 @@
"Connection attempt to TCP %s:%d from
%s:%d\n",
buf, ntohs(ti->ti_dport),
inet_ntoa(ti->ti_src),
ntohs(ti->ti_sport));
- }
+ } else if (tiflags & TH_ACK) {
+ /*
+ * Alpha code in response to stream.c
+ * - Omachonu Ogali
+ */
+ char buf[4*sizeof "123"];
+
+#ifdef ICMP_BANDLIM
+ if (badport_bandlim(1) < 0)
+ goto drop;
+#endif
+
+ strcpy(buf, inet_ntoa(ti->ti_dst));
+ log(LOG_INFO,
+ "received TCP/ACK to non existant
connection: %s:%d -> %s:%d\n",
+ inet_ntoa(ti->ti_src), ntohs(ti->ti_sport),
buf,
ntohs(ti->ti_dport));
+
+ /*
+ * Drop without reset to prevent smurf-like tcp
+ * attack
+ */
+
+ goto drop;
+ } else {
#ifdef ICMP_BANDLIM
if (badport_bandlim(1) < 0)
goto drop;
#endif
goto dropwithreset;
+ }
}
tp = intotcpcb(inp);
if (tp == 0)
