Re: Debian and recent TCP vulnerability

To: Mlor Apac <mlor.apac@gmail.com>
Cc: debian-security@lists.debian.org
Subject: Re: Debian and recent TCP vulnerability
From: Florian Weimer <fw@deneb.enyo.de>
Date: Mon, 14 Sep 2009 15:44:59 +0000
Message-id: <[🔎] 87r5u9a5tw.fsf@mid.deneb.enyo.de>
In-reply-to: <[🔎] 3773e0ee0909110323x4609ca33ua08113137c0c82a0@mail.gmail.com> (Mlor Apac's message of "Fri, 11 Sep 2009 13:23:30 +0300")
References: <[🔎] 3773e0ee0909110323x4609ca33ua08113137c0c82a0@mail.gmail.com>

* Mlor Apac:

> What's the status of debian (and linux kernel in general) regarding this
> recent TCP vulnerability? I have been unable to find any precise
> information. Let's imagine a server that has publicly accessible tcp service
> enabled (e.g. http).

The actual set of issues impacting Linux has not been publicly
disclosed yet.

It is generally believed that connlimit is a suitable defense against
attackers who do not control many IP addresses.  connlimit is
available on etch's 2.6.18 kernel and lenny's kernel, but not for the
etchnhalf kernel/iptables combination (due to bug #504989).

Reply to:

References:
- Debian and recent TCP vulnerability
  - From: Mlor Apac <mlor.apac@gmail.com>

Prev by Date: Re: Recent Firefox Update - Iceweasel affected?
Next by Date: Re: bind9 security problem?
Previous by thread: Re: Debian and recent TCP vulnerability
Next by thread: Recent Firefox Update - Iceweasel affected?
Index(es):
- Date
- Thread