| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 21 Oct 2007 19:29:02 +0200 From: Willy Tarreau <w@....eu> To: Tal Kelrich <tal@...icgenome.com> Cc: linux-kernel@...r.kernel.org Subject: Re: 2.4/2.6 local TCP connect oddity Hi, On Sun, Oct 21, 2007 at 05:53:37PM +0200, Tal Kelrich wrote: > Hi, > > I've run into a problem where a process trying to connect to a local > port within the local port range eventually ends up connected to itself, > with source port = dest port. > > similar behavior can be gotten by running netcat as follows: > nc -p 1025 localhost 1025 > > I'm not really sure if that's a bug, but the original case was at least > unexpected. It is not a bug, it is caused by the "simultaneous connect" feature of TCP. Although rarely used, in TCP you can connect two clients together. They just have to exchange their SYN, SYN/ACK then ACK and bingo, they're connected. In fact, you found the easiest way to achieve it, by using the same port. To demonstrate the feature, I'm used to either temporarily block SYNs with iptables, or by unplugging the cable between two machines. I personally dislike this feature as it can be exploited to prevent any client from connecting to the outside by flooding it with SYN packets to its guessed source port. Anyway, most stateful firewalls don't let this pass through. > Regards, > Tal Kelrich Regards, Willy - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists