Re: Does anybody knows of this security problem in the kernel?

To: Haim Ashkenazi <haim@consonet.com>
Cc: Debian Security <debian-security@lists.debian.org>
Subject: Re: Does anybody knows of this security problem in the kernel?
From: Florian Weimer <fw@deneb.enyo.de>
Date: Sat, 17 May 2003 09:34:46 +0200
Message-id: <878yt6t4a1.fsf@deneb.enyo.de>
Mail-followup-to: Haim Ashkenazi <haim@consonet.com>, Debian Security <debian-security@lists.debian.org>
In-reply-to: <20030516173537.5d9d5f0c.haim@consonet.com> (Haim Ashkenazi's message of "Fri, 16 May 2003 17:35:37 +0300")
References: <20030516130409.2e3cc291.haim@consonet.com> <20030516135456.GA23174@vekoll.saturnus.vein.hu> <20030516173537.5d9d5f0c.haim@consonet.com>

Haim Ashkenazi <haim@consonet.com> writes:

> if I'll patch "ipt_conntrack.c" in the kernel-source with that patch I
> won't have to worry about the filtering in the PREROUTING chain?

You have to filter in the PREROUTING chain to protect the routing
cache, otherwise the machine will die when flooded with packets with
random source or destination addresses.

Reply to:

References:
- Does anybody knows of this security problem in the kernel?
  - From: Haim Ashkenazi <haim@consonet.com>
- Re: Does anybody knows of this security problem in the kernel?
  - From: Adam ENDRODI <borso@vekoll.saturnus.vein.hu>
- Re: Does anybody knows of this security problem in the kernel?
  - From: Haim Ashkenazi <haim@consonet.com>

Prev by Date: Remotely monitoring security
Next by Date: Re: Does anybody knows of this security problem in the kernel?
Previous by thread: Re: Does anybody knows of this security problem in the kernel?
Next by thread: Mrs Victoria Guei. HOW ARE YOU
Index(es):
- Date
- Thread