[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: TCP bug on old Solaris box ?
From:       Nathan Lawson <nlawson () statler ! csc ! calpoly ! edu>
Date:       1996-12-21 13:19:24
[Download RAW message or body]

> Doing nasty things with my old 2.3 Sun box, I noticed that
> Solaris exits gracefully from a listen/accept call BEFORE
> the three-way handshake is completed. That is, you exit
> successfully from accept() as soon as the first SYN arrives !
>
> Solaris 2.5 has a much better behavior and exits from accept()
> only if the three-way handshake is completed. Do people noticed
> something similar ? Any comments ?

This is dynamically configurable on Solaris 2.X via the "tcp_eager_listeners"
variable.  You probably want to turn it off.

> PS : Oh, by the way : of course, this is bad news for the guys who
> try to stealthly scan the TCP ports of the solaris 2.3 target, for example
> with ETCP, since the old box urges syslog for incoming connections anyway...

That is one possible use for turning on this parameter.

-Nate

[prev in list] [next in list] [prev in thread] [next in thread]