Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1998: Re: FreeBSD's RST validation

Re: FreeBSD's RST validation

James Snow (snoteardrop.org)
Sun, 30 Aug 1998 18:22:26 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: www.devoid.net: "Re: buffer overflow in nslookup?"
Previous message: Scott Stone: "SEYON vulnerability in TurboLinux 2.0"
In reply to: Tristan Horn: "FreeBSD's RST validation"
Next in thread: Tristan Horn: "Re: FreeBSD's RST validation"

On Sun, 30 Aug 1998, Tristan Horn wrote:

> In my limited testing (oddly enough, not many people would consent to
> DoS), Solaris, OSF/1, Linux and Windows 98 appear to conform to RFC 793
> in this regard.  I have not yet been able to check NetBSD, OpenBSD,
> BSDI, etc.

Be aware that this individual used this attack on my machine late last
night, disconnecting all of my users without warning, and certainly
without asking for permission. He then proceeded to defend his actions
with extreme arrogance in a conversation with another admin. The log of
that conversation is available if anyone is interested.

He also did not, to my knowledge, report this to the FreeBSD team before
posting this here.

-James Snow

Next message: www.devoid.net: "Re: buffer overflow in nslookup?"
Previous message: Scott Stone: "SEYON vulnerability in TurboLinux 2.0"
In reply to: Tristan Horn: "FreeBSD's RST validation"
Next in thread: Tristan Horn: "Re: FreeBSD's RST validation"