Bugtraq mailing list archives

Re: FreeBSD's RST validation

From: sno () teardrop org (James Snow)
Date: Sun, 30 Aug 1998 18:22:26 -0700


On Sun, 30 Aug 1998, Tristan Horn wrote:

In my limited testing (oddly enough, not many people would consent to
DoS), Solaris, OSF/1, Linux and Windows 98 appear to conform to RFC 793
in this regard.  I have not yet been able to check NetBSD, OpenBSD,
BSDI, etc.


Be aware that this individual used this attack on my machine late last
night, disconnecting all of my users without warning, and certainly
without asking for permission. He then proceeded to defend his actions
with extreme arrogance in a conversation with another admin. The log of
that conversation is available if anyone is interested.

He also did not, to my knowledge, report this to the FreeBSD team before
posting this here.


-James Snow

Current thread:

[SECURITY] Seyon is vulnerable to a root exploit, (continued)
- - - [SECURITY] Seyon is vulnerable to a root exploit Martin Schulze (Aug 28)
    - Update on Linux unfsd Olaf Kirch (Aug 29)
    - Buffer overflows in Minicom 1.80.1 Eduardo Navarro (Aug 29)
    - Re: Buffer overflows in Minicom 1.80.1 Alan Brown (Aug 29)
    - Re: Buffer overflows in Minicom 1.80.1 M.C.Mar (Aug 31)
    - Re: Buffer overflows in Minicom 1.80.1 Wichert Akkerman (Aug 31)
    - buffer overflow in nslookup? Peter van Dijk (Aug 29)
    - Re: buffer overflow in nslookup? Brandon Reynolds (Aug 29)
    - Re: buffer overflow in nslookup? Peter van Dijk (Aug 30)
    - FreeBSD's RST validation Tristan Horn (Aug 30)
    - Re: FreeBSD's RST validation James Snow (Aug 30)
    - Re: FreeBSD's RST validation Tristan Horn (Aug 30)
    - port scanning. (fwd) Darren Reed (Aug 31)
    - Re: FreeBSD's RST validation Andrey Alekseyev (Aug 31)
    - Re: FreeBSD's RST validation Diane Bruce (Aug 30)
    - Re: FreeBSD's RST validation Oliver Friedrichs (Aug 31)
    - SEYON vulnerability in TurboLinux 2.0 Scott Stone (Aug 30)
    - Re: buffer overflow in nslookup? www.devoid.net (Aug 30)
    - Re: buffer overflow in nslookup? Benjamin J Stassart (Aug 30)
    - Re: buffer overflow in nslookup? Theo de Raadt (Aug 31)
    - Re: buffer overflow in nslookup? Uwe Ohse (Aug 31)

(Thread continues...)