nanog mailing list archives
Re: CVE-2014-0160 mitigation using iptables
From: Valdis.Kletnieks () vt edu
Date: Thu, 10 Apr 2014 09:52:53 -0400
On Wed, 09 Apr 2014 11:07:36 +0100, Fabien Bourdaire said:
> # Log rules
> iptables -t filter -A INPUT -p tcp --dport 443 -m u32 --u32 \
> "52=0x18030000:0x1803FFFF" -j LOG --log-prefix "BLOCKED: HEARTBEAT"
That 52= isn't going to work if it's an IPv4 packet with an unexpected number of IP or TCP options, or an IPv6 connection....
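The offset problem raised in this reply, as an added example that is not part of the original post or thread: offset 52 equals a 20-byte IPv4 header plus a 32-byte TCP header (20 bytes plus 12 bytes of options), so the quoted match only lines up with the TLS record header for that one header layout. The function names and sample packets below are constructed for illustration, and the sketch handles IPv4 only.

```python
import struct

LO, HI = 0x18030000, 0x1803FFFF   # range from the quoted rule: type 0x18, major version 0x03

def build_packet(payload, ip_opts=b"", tcp_opts=b""):
    """Constructed IPv4+TCP packet to port 443; checksums left at zero."""
    ihl, doff = 5 + len(ip_opts) // 4, 5 + len(tcp_opts) // 4
    total = (ihl + doff) * 4 + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, total, 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 443, 0, 0, doff << 4, 0x18, 65535, 0, 0)
    return ip + ip_opts + tcp + tcp_opts + payload

def fixed_offset_match(pkt, offset=52):
    """What the u32 expression 52=LO:HI tests: the 32-bit word 52 bytes into the IP packet."""
    if len(pkt) < offset + 4:
        return False
    return LO <= struct.unpack_from("!I", pkt, offset)[0] <= HI

def header_aware_match(pkt):
    """Same range test, at the payload offset derived from IHL and the TCP data offset."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return False                      # not IPv4/TCP (IPv6 is not handled here)
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl + 20:
        return False
    doff = (pkt[ihl + 12] >> 4) * 4
    start = ihl + doff
    if doff < 20 or len(pkt) < start + 4:
        return False
    return LO <= struct.unpack_from("!I", pkt, start)[0] <= HI

# Constructed inputs: a TLS record header of type 0x18 (heartbeat), version 0x0302,
# followed by zero padding; not a valid heartbeat message.
RECORD = bytes([0x18, 0x03, 0x02, 0x00, 0x14]) + bytes(20)
TCP_TS = bytes([1, 1, 8, 10]) + bytes(8)      # NOP, NOP, timestamp option (12 bytes)
IP_RA = bytes([0x94, 0x04, 0x00, 0x00])       # IPv4 router alert option (4 bytes)

def compare():
    cases = {
        "ts_only": build_packet(RECORD, tcp_opts=TCP_TS),          # payload at 52
        "no_options": build_packet(RECORD),                         # payload at 40
        "ip_option_and_ts": build_packet(RECORD, IP_RA, TCP_TS),    # payload at 56
    }
    return {name: (fixed_offset_match(p), header_aware_match(p)) for name, p in cases.items()}

if __name__ == "__main__":
    for name, (fixed, aware) in compare().items():
        print(f"{name:18} fixed@52={fixed!s:5} header-aware={aware}")
```

Both checks look only at the first four payload bytes of a segment, so a record that starts later in the segment is outside what either one tests.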