Vulnerability Development mailing list archives
Re: Retransmissions while blocking TCP Stack's RST?
From: MA <mixalhs () noos fr>
Date: 31 Oct 2002 09:16:13 +0100
Jared Stanbrough <jareds () pdx edu> writes:
This doesn't address the issue of keeping the originating machine from trying to take part in the replayed TCP session. The question isn't how to replay the data, it's how to keep the originating host from screwing it up by tearing down the illigitimate connection.
Old question: http://www.whitefang.com/rin/rawfaq.html#12 " If you don't firewall it, and reply yourself you'll wind up having additional responses from your operating system! "
One easy way to do this would be to setup iptables to block outbound TCP packets that have the RST flag set
I'd rather block incoming packets and set my filter on the source address & ports.
Current thread:
- Retransmissions while blocking TCP Stack's RST? Cynic (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Brad Arlt (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Jared Stanbrough (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Bryan Burns (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Dan Kaminsky (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Dan Hanson (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? MA (Oct 31)
- Re: Retransmissions while blocking TCP Stack's RST? Jared Stanbrough (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Filipe Almeida (Oct 30)
- <Possible follow-ups>
- RE: Retransmissions while blocking TCP Stack's RST? Cynic (Oct 31)
- Re: Retransmissions while blocking TCP Stack's RST? Cynic (Oct 31)
- Re: Retransmissions while blocking TCP Stack's RST? Brad Arlt (Oct 30)