WingNews logo WingNews
top | item 47033474

(no title)

kpcyrd | 14 days ago

Nice, are you using something like this?

    iptables -I OUTPUT -p tcp --sport 22 --tcp-flags RST RST -j DROP
    iptables -I OUTPUT -p tcp --sport 22 --tcp-flags FIN FIN -j DROP
Unfortunately this is still trivial to work around with a read timeout.

discuss

order

trashb|14 days ago

No I think I wrote something in C (it was written a while ago) accepting the and then discarding the connection in such a way the RST/FIN was never send, making sure to clean the socket server side.

I guess a timeout will need to be adjusted/implemented on the bot's end I remember fixing a similar bug at work and it was quite involved. At any rate the very least the connection was made and discarded.

I guess the iptables solution would also work well and you would have a correctly working serverside.