lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 23 Nov 2011 13:38:15 -0800
From:	Rick Jones <rick.jones2@...com>
To:	David Miller <davem@...emloft.net>
CC:	gdfuego@...il.com, richard.weinberger@...il.com,
	linux-kernel@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: Finding a hidden bound TCP socket

On 11/23/2011 01:01 PM, David Miller wrote:
> From: "G. D. Fuego"<gdfuego@...il.com>
> Date: Wed, 23 Nov 2011 15:27:33 -0500
>
>> Any comments?  The behavior seems broken.  At the very least its very
>> inconsistent with other Unixes.
>
> Until the socket has a full final tuple it is bound to, there is no
> reason to list it.
>
> No UNIX lists a socket which is partially bound and hasn't either
> performed a listen() or a connect().

Well....  I took the .c file mentioned previously, and compiled it on a 
Solaris 10 8/11 instance.  The 25-odd sockets it created *were* listed 
in the output of netstat -an -- local address as *.<portnum> remote 
address as *.* and a state of "BOUND."

A FreeBSD  (rev 8 IIRC) netstat -an seems to display them in a state of 
"CLOSED."  I didn't check HP-UX 11i v3 or AIX 6.

rick jones
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ