FreeBSD Security Advisory FreeBSD-SA-15:13.tcp
gabor at zahemszky.hu
gabor at zahemszky.hu
Wed Jul 22 06:58:11 UTC 2015
> IV. Workaround
>
> No workaround is available, but systems that do not provide TCP based
> service to untrusted networks are not vulnerable.
>
> Note that the tcpdrop(8) utility can be used to purge connections
> which
> have become wedged. For example, the following command can be used
> to
> generate commands that would drop all connections whose last rcvtime
> is
> more than 100s:
>
> netstat -nxp tcp | \
> awk '{ if (int($NF) > 100) print "tcpdrop " $4 " " $5 }'
>
> The system administrator can then run the generated script as a
> temporary
> measure. Please refer to the tcpdump(8) manual page for additional
> information.
It should be tcpdrop(8), isn't it?
Zahy < Gabor at Zahemszky dot HU >
More information about the freebsd-security
mailing list