TCP RST attack

Bruce M Simpson bms at spc.org
Tue Apr 20 17:03:00 PDT 2004


On Tue, Apr 20, 2004 at 01:45:20PM -0700, Matthew Dillon wrote:
>     99.9% of all BGP links are direct connections (meaning that they
>     terminate at a router rather then pass through one).  No packet to
>     or from port 179 has any business being routed from one network to
>     another in virtually all BGP link setups so the fix is utterly trivial.

This isn't necessarily the case with eBGP multihop or route-server based
setups.

Regards,
BMS


More information about the freebsd-security mailing list