LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
Reload this Page TCP Sequence Number Approximation Based Denial of Service
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices


Reply
  Search this Thread
Old 04-24-2010, 02:03 AM   #1
rafalek
Member
 
Registered: Oct 2003
Posts: 43

Rep: Reputation: 15
TCP Sequence Number Approximation Based Denial of Service

Hi. I receive mail from my friend and somebody wrote (below).
How can I fix it? Is there is any settings about it?
I use FreeBSD 6.3

Quoted list:

The following BGP-specific workaround information has been provided.
For BGP implementations that support it, the TCP MD5 Signature Option should be enabled. Passwords that the MD5 checksum is applied to should be set to
strong values and changed on a regular basis.

RESULTS:
Tested on port 21 with an injected SYN/RST offset by 16 bytes.
Tested on port 22 with an injected SYN/RST offset by 16 bytes.
 
Old 04-24-2010, 06:03 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Moved: This thread is more suitable in the Other *NIX Forums *BSD Forum and has been moved accordingly to help your thread/question get the exposure it deserves.

IIGC you need to check if IPv4 TCP-MD5 (RFC 2385) actually works in FBSD-6 (or FBSD-7), (re)compile the kernel with FAST_IPSEC, TCP_SIGNATURE and crypto support and (re)build Quagga with MD5 support.
Last edited by unSpawn; 04-24-2010 at 06:05 AM.
 
Old 04-25-2010, 09:25 AM   #3
rafalek
Member
 
Registered: Oct 2003
Posts: 43

Original Poster
Rep: Reputation: 15
Thx for help
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
difference between a TCP based service and a UDP based service ZAMO Linux - General 2 11-21-2008 04:22 AM
Troubleshooting Denial of Service vbsaltydog Linux - General 4 07-24-2008 11:51 PM
how to disable TCP/IP Denial of Service mayankh Linux - Security 2 10-14-2006 04:01 AM
LXer: Linux Kernel Ext3 Invalid Inode Number Denial of Service LXer Syndicated Linux News 0 08-08-2006 08:33 PM
Denial Of Service Attacks Ozzman Mandriva 13 11-13-2003 12:59 AM

LinuxQuestions.org > Forums > Other *NIX Forums > *BSD

All times are GMT -5. The time now is 01:04 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration