Linux 2.2.3 patch to prevent FIN/NULL/XMAS scans

From: Taral (taralat_private)
Date: Wed Mar 24 1999 - 14:20:56 PST

Next message: Martin Bartosch: "Lotus Notes Encryption Bug"

Previous message: Richard Trott: "New OpenBSD security patches"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

This small patch prevents Linux machines from responding differently to a
stealth scan for listening sockets. Very useful for those who would like =
to run
a secure shop. A printk() put in front of the changed line will allow log=
ging
of unusual packets.

Enjoy!

Taral
--Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD
Content-Type: text/plain;
  name="tcp_input.c.patch"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename="tcp_input.c.patch"

--- linux/net/ipv4/tcp_input.c.orig=09Tue Mar 23 16:10:22 1999
+++ linux/net/ipv4/tcp_input.c=09Tue Mar 23 16:41:34 1999
@@ -2052,7 +2052,7 @@
 =09=09=09goto discard;
 =09=09}
 =09=09
-=09=09goto discard;
+=09=09return 1;
 =09=09break;
=20
 =09case TCP_SYN_SENT:

--Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD--

Next message: Martin Bartosch: "Lotus Notes Encryption Bug"
Previous message: Richard Trott: "New OpenBSD security patches"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:39:58 PDT