[13604] in bugtraq

Re: Multicast from hell

daemon@ATHENA.MIT.EDU (Omachonu Ogali)
Fri Jan 28 16:43:26 2000

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.BSF.4.10.10001280708510.13884-100000@hydrant.intranova.net>
Date:         Fri, 28 Jan 2000 07:09:50 -0500
Reply-To: Omachonu Ogali <oogali@INTRANOVA.NET>
From: Omachonu Ogali <oogali@INTRANOVA.NET>
X-To:         jwatkins@hungry.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <38906E7F.1B9E5797@hungry.com>

That code will only work if the receiving host has no daemon listening on
that port; you're better off with Alfred's patch.
http://www.freebsd.org/~alred/tcp_fix.diff
(I think)

Omachonu Ogali
Intranova Networking Group

On Thu, 27 Jan 2000, John Watkins wrote:

>  Here is a patch for FreeBSD
>
> --- tcp_input.c.orig    Tue Apr 20 15:09:15 1999
> +++ tcp_input.c Fri Jan 21 21:53:00 2000
> @@ -398,12 +398,36 @@
>                             "Connection attempt to TCP %s:%d from
> %s:%d\n",
>                             buf, ntohs(ti->ti_dport),
> inet_ntoa(ti->ti_src),
>                             ntohs(ti->ti_sport));
> -               }
> +               } else if (tiflags & TH_ACK) {
> +                       /*
> +                        * Alpha code in response to stream.c
> +                        * - Omachonu Ogali
> +                        */
> +                       char buf[4*sizeof "123"];
> +
> +#ifdef ICMP_BANDLIM
> +                       if (badport_bandlim(1) < 0)
> +                               goto drop;
> +#endif
> +
> +                       strcpy(buf, inet_ntoa(ti->ti_dst));
> +                       log(LOG_INFO,
> +                           "received TCP/ACK to non existant
> connection: %s:%d -> %s:%d\n",
> +                           inet_ntoa(ti->ti_src), ntohs(ti->ti_sport),
> buf,
> ntohs(ti->ti_dport));
> +
> +                       /*
> +                        * Drop without reset to prevent smurf-like tcp
> +                        * attack
> +                        */
> +
> +                       goto drop;
> +               } else {
>  #ifdef ICMP_BANDLIM
>                 if (badport_bandlim(1) < 0)
>                         goto drop;
>  #endif
>                 goto dropwithreset;
> +               }
>         }
>         tp = intotcpcb(inp);
>         if (tp == 0)
>
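
Review bot: The branch that logs "Connection attempt to TCP" no longer reaches "goto dropwithreset": its closing "}" became "} else if (tiflags & TH_ACK) {" and the reset path moved inside the final "else {", so in the lines shown a segment that takes the logging branch falls out of the chain and continues at "tp = intotcpcb(inp);". Suggest closing the logging "if" as it was, making the TH_ACK test a separate "if" that ends in "goto drop", and leaving the ICMP_BANDLIM check and "goto dropwithreset" unconditional after it. Separately, when ICMP_BANDLIM is not defined the new log(LOG_INFO, ...) call runs for every ACK that matches no connection, so a flood of such segments becomes a flood of log lines; put the message behind a rate limit or an opt-in switch.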
