Re: FreeBSD Security Advisory FreeBSD-SA-14:08.tcp

看板FB_security作者時間11年前 (2014/05/03 04:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串14/21 (看更多)
In message <CAABACD8BCAE7B4B8A7906EEDC9DEBC5024EFDCD@IAD-WPRD-XCHB01.corp.verio ..net>, "David DeSimone" <ddesimone@verio.net> wrote: >Are you perhaps confusing IP Fragment Reassembly with the similar but >unrelated TCP Segment Reassembly? That's entirely possible. I have near zero experience with or understanding of either of these types of packet fragmentation. >My understanding is that TCP stacks normally try very hard not to >generate IP fragments in a TCP stream. > >It appears that this bug report relates only to TCP Reassembly, and has >nothing to do with IP Fragments. But perhaps I am misreading it? OK, so how would one block all incoming *TCP* fragments... you know... in order to render this specific security issue a non-issue? (I personally am already blocking inbound IP fragments viw ipfw.) _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 rfg. 的文章
文章代碼(AID): #1JO_b_HA (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 14 之 21 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共21篇)
更多 rfg. 的文章
文章代碼(AID): #1JO_b_HA (FB_security)