FreeBSD Security Advisory FreeBSD-SA-15:13.tcp

[Xin Li]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 07/21/15 23:52, gabor at zahemszky.hu wrote:
>> IV.  Workaround
>> 
>> No workaround is available, but systems that do not provide TCP
>> based service to untrusted networks are not vulnerable.
>> 
>> Note that the tcpdrop(8) utility can be used to purge connections
>> which have become wedged.  For example, the following command can
>> be used to generate commands that would drop all connections
>> whose last rcvtime is more than 100s:
>> 
>> netstat -nxp tcp | \ awk '{ if (int($NF) > 100) print "tcpdrop "
>> $4 " " $5 }'
>> 
>> The system administrator can then run the generated script as a
>> temporary measure.  Please refer to the tcpdump(8) manual page
>> for additional information.
> 
> It should be tcpdrop(8), isn't it?

Yes it should be tcpdrop(8).

Cheers,
- -- 
Xin LI <delphij at delphij.net>    https://www.delphij.net/
FreeBSD - The Power to Serve!           Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.6 (FreeBSD)

iQIcBAEBCgAGBQJVsUDZAAoJEJW2GBstM+nsvZ0P/22S7IgSHZg27gNEo1hVuSN/
GuiEoCShz2VU2c2Wk/vAo3kNvXoWsmz30fKGL5Cu8hi24w8JsHdOwzdB3JI98uu+
srw+8mjxeaumw8/P/w+D2D0w0qh2v4252KhUK9zDvkRAoWsaijgDXh2EEJoaxHCe
zo7OVHfL37PG2zSAmY/whMOcQ07Tjv0SepgctKe8rt5YH66Bh2c7zkiJ0Z2wbfmC
B/OvgPhiWqK522cJnTQ/FLjZNCOJ+G6jg0Z5nVBOI7L1uN5z7CyOtZ5MNLMx4fza
IlaWmbAexIH/q8n37Y2pVfQvT6WyWXhSxv1reyDC2xYixzxFlFUIFQIen5jd7tVN
xmYHR9SRaMPVHk5SY7OYfJUlsum4zgwiHjJv9N76tjUMPkmCBEr1fTxerU2mJ2G6
OLqvnK/VVLgebYsBj3NoTrgcKH8L4oz+W/IsPu5SF/shv7hxqAniXp3NX895j97n
BzW9r75yT+Iy61VloOq/ZD9QNA379d6+kGHq96lg/qmsG7WImpxum+HtMSjtuBjJ
ZP2EK4YZ1usKxjCLt6XIzH2ao1QJ8/64WmAi7tebn4O9rmBwV16wCpxEssEYU1HI
l+c9CSlJfoTVkN35ka79x9BgnwpVzAy9iAscDj/yWv2iNrhjUMO6ffA6Q2CGEqxQ
MT4h6biU/KXH4Reh1n8F
=ZIpa
-----END PGP SIGNATURE-----