* Mlor Apac: > What's the status of debian (and linux kernel in general) regarding this > recent TCP vulnerability? I have been unable to find any precise > information. Let's imagine a server that has publicly accessible tcp service > enabled (e.g. http).
The actual set of issues impacting Linux has not been publicly disclosed yet. It is generally believed that connlimit is a suitable defense against attackers who do not control many IP addresses. connlimit is available on etch's 2.6.18 kernel and lenny's kernel, but not for the etchnhalf kernel/iptables combination (due to bug #504989). -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
