TCP BUG IN FREEBSD

A recent vulnerability found in the FreeBSD TCP/IP stack caught my eye due to its relative simplicity (both in exploiting it and avoiding it). It references CVE-2004-0230 (yep, 2004) with a slight twist: instead of using RST packets, it uses SYN packets for the same end-result: a connection reset.

Let's say you have an established TCP connection between ...

read more>

TROUBLESHOOTING A WEIRD TCP HANDSHAKE

This is a troubleshooting scenario based on an issue that happened in a production network, namely getting a RST as the third packet in the 3-way handshake.

The flow of this article is as follows: first, we will look at the topology and how the problem manifested itself, then dig deeper and find out the issue. Lastly, we will configure ...

read more>