Bugtraq mailing list archives
Re: FreeBSD's RST validation
From: db () DB NET (Diane Bruce)
Date: Sun, 30 Aug 1998 19:09:46 -0700
Tristan Horn says:
--ZRyEpB+iJ+qUx0kp Content-Type: multipart/mixed; boundary=qGV0fN9tzfkG3CxV
I hate people who mime their email for the plain text part. In any case.
--qGV0fN9tzfkG3CxV Content-Type: text/plain; charset=us-ascii RFC 793, pages 36-39 (chapter 3.5) describes closing connections with TCP. Page 37 is of particular interest:
...
IRC in particular will probably be affected, due to the ease of getting addresses and such. /stats L even used to give you the port numbers for users, servers and listening sockets, but I believe this was fixed in /hybrid a while back, and then +CS. /stats c should just be disabled for non-opers since it lets people find the port # for autoconnects.
I have been planning it. Well, allowing stats c, but not giving the actual IP's, I'll disable the port # as well. Port 6666 is quite commonly used for autoconnect, as well as 31337... Not really very much that can be done from userland really... ...
TS4 rocks!
I do not like TS4. But, this is hardly the place to discuss it. -- Diane Bruce, http://www.db.net/~db http://www.db.net email db () db net
Current thread:
- Re: Buffer overflows in Minicom 1.80.1, (continued)
- Re: Buffer overflows in Minicom 1.80.1 M.C.Mar (Aug 31)
- Re: Buffer overflows in Minicom 1.80.1 Wichert Akkerman (Aug 31)
- buffer overflow in nslookup? Peter van Dijk (Aug 29)
- Re: buffer overflow in nslookup? Brandon Reynolds (Aug 29)
- Re: buffer overflow in nslookup? Peter van Dijk (Aug 30)
- FreeBSD's RST validation Tristan Horn (Aug 30)
- Re: FreeBSD's RST validation James Snow (Aug 30)
- Re: FreeBSD's RST validation Tristan Horn (Aug 30)
- port scanning. (fwd) Darren Reed (Aug 31)
- Re: FreeBSD's RST validation Andrey Alekseyev (Aug 31)
- Re: FreeBSD's RST validation Diane Bruce (Aug 30)
- Re: FreeBSD's RST validation Oliver Friedrichs (Aug 31)
- SEYON vulnerability in TurboLinux 2.0 Scott Stone (Aug 30)
- Re: buffer overflow in nslookup? www.devoid.net (Aug 30)
- Re: buffer overflow in nslookup? Benjamin J Stassart (Aug 30)
- Re: buffer overflow in nslookup? Theo de Raadt (Aug 31)
- Re: buffer overflow in nslookup? Uwe Ohse (Aug 31)
- Hole in Oracle Server/Developer 2000 - authentication protocol. Yaron Yanay (Aug 31)
- Re: buffer overflow in nslookup? Willy TARREAU (Aug 31)