[9968] in bugtraq
Linux 2.2.3 patch to prevent FIN/NULL/XMAS scans
daemon@ATHENA.MIT.EDU (Taral)
Thu Mar 25 21:37:04 1999
Date: Wed, 24 Mar 1999 16:20:56 -0600
Reply-To: Taral <taral@CYBERJUNKIE.COM>
From: Taral <taral@CYBERJUNKIE.COM>
To: BUGTRAQ@NETSPACE.ORG
--Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
This small patch prevents Linux machines from responding differently to a
stealth scan for listening sockets. Very useful for those who would like =
to run
a secure shop. A printk() put in front of the changed line will allow log=
ging
of unusual packets.
Enjoy!
Taral
--Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD
Content-Type: text/plain;
name="tcp_input.c.patch"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename="tcp_input.c.patch"
--- linux/net/ipv4/tcp_input.c.orig=09Tue Mar 23 16:10:22 1999
+++ linux/net/ipv4/tcp_input.c=09Tue Mar 23 16:41:34 1999
@@ -2052,7 +2052,7 @@
=09=09=09goto discard;
=09=09}
=09=09
-=09=09goto discard;
+=09=09return 1;
=09=09break;
=20
=09case TCP_SYN_SENT:
--Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD--
