Chuck Swiger wrote: > > Alan Evans wrote: > > I'm sure FreeBSD is vulnerable. > > > > http://www.us-cert.gov/cas/techalerts/TA04-111A.html > > > > There's a draft that (sort of) addresses this. Should > > we adopt it? > > This issue is being discussed on freebsd-security now, and Mike Silbersack > <[EMAIL PROTECTED]> has some patches available for review and testing.
There has been an additional problem in some BSD stacks with RST's which has been fixed in FreeBSD about six years ago. The remaining things which are addressed in that paper are hardening measures to reduce the chances of a brute force blind attack. There *no* vulner- ablility in the sense of "send packet x" and everything breaks. -- Andre _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
