From: GentooRulez (paranoiac_user_at_freenet.de)
Date: Fri Oct 18 2002 - 05:53:53 CDT

    >> That's not what I asked. Assuming conn-track works fine and my
    >> ip-filter decides to drop the package. When will this take place?
    >> Before defragmenting the packet or with defragmented packets? The
    >> last case means such an exploit would work.
    >That's more than theoretical. If you do not know where the
    >bug is (if there is one) then why make the assumption
    >that part X is safe?

    Simply because it was not the netfilter code that was addressed as buggy,
    but the TCP "stack" implementation.

    >It will probably only put you into a wrong feeling of security if such a
    >bug really exists.

    No, don't think so. That is why I asked that theoretical question, which
    has not been answered until now. Will netfilter block such kinds of packets
    when an attacker tries to root my box??? Or are malicious packets handled
    by the kernel before netfilter comes to inspect them???

    >Who tells that such a fragmented packet does not belong to a connection
    >at all? :) If you have a public webserver I guess it's easy to have
    >fragmented packets for a tracked connection.

    This is another possibility to get infected, but it doesn't affect e.g. a
    VPN router.

    >Anyway, it's probably not necessary to discuss that if no one
    >knows any details.

    Don't think so. It's always good to talk about.

    GTIF

    Michael
