d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

The below patch helps to reduce the leakage of internal socket information

Browse Source 
when a TCP "stealth" scan is directed at a *BSD box by ensuring the window
is 0 for all RST packets generated through tcp_respond()
Reviewed by:	Don Lewis <Don.Lewis@tsc.tdk.com>
Obtained from:	Bugtraq (from: Darren Reed <avalon@COOMBS.ANU.EDU.AU>)
This commit is contained in:
Guido van Rooij 1998-11-15 21:35:09 +00:00
parent ad6d02135b
commit d285db5598
2 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sys/netinet/tcp_subr.c
View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)tcp_subr.c 8.2 (Berkeley) 5/24/95
* $Id: tcp_subr.c,v 1.46 1998/08/24 07:47:39 dfr Exp $
* $Id: tcp_subr.c,v 1.47 1998/09/06 08:17:35 phk Exp $
*/
#include "opt_compat.h"
@ -209,7 +209,8 @@ tcp_respond(tp, ti, m, ack, seq, flags)
struct route sro;
if (tp) {
win = sbspace(&tp->t_inpcb->inp_socket->so_rcv);
if (!(flags & TH_RST))
win = sbspace(&tp->t_inpcb->inp_socket->so_rcv);
ro = &tp->t_inpcb->inp_route;
} else {
ro = &sro;

5
sys/netinet/tcp_timewait.c
View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)tcp_subr.c 8.2 (Berkeley) 5/24/95
* $Id: tcp_subr.c,v 1.46 1998/08/24 07:47:39 dfr Exp $
* $Id: tcp_subr.c,v 1.47 1998/09/06 08:17:35 phk Exp $
*/
#include "opt_compat.h"
@ -209,7 +209,8 @@ tcp_respond(tp, ti, m, ack, seq, flags)
struct route sro;
if (tp) {
win = sbspace(&tp->t_inpcb->inp_socket->so_rcv);
if (!(flags & TH_RST))
win = sbspace(&tp->t_inpcb->inp_socket->so_rcv);
ro = &tp->t_inpcb->inp_route;
} else {
ro = &sro;