> > I received a forwarded message from SuSE regarding a security vulnerability
> > with respect to randomization of the ISN for SYN cookies - or something to
> > that effect. I have not been able to find the patch which addresses this
> > problem; if anyone can point me towards it, I would be appreciative.
>
> Its fixed in 2.2.20, you can grab the 2.2 patch from there
What is a good way to test SYN cookies? I can induce a three-second
delay (on victim host V) before new TCP connections are accepted by
sending a burst of 2000 SYN packets (from attacker A), where V is
running a 2.2.14 or 2.2.17 kernel. During the three seconds ICMP echo
requests from A to V are being answered.
Turning on SYN cookies after /proc is mounted does not affect the
three-second pause, though, so I figure that either the pause is not
on account of a full half-open connection queue or SYN cookies are not
working.
-- --Ed Cashin PGP public key: ecashin@terry.uga.edu http://www.terry.uga.edu/~ecashin/pgp/- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/