Re: [lvs-users] TCP sequence number vulnerabilities

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: [lvs-users] TCP sequence number vulnerabilities
From:	Graeme Fowler <graeme@xxxxxxxxxxx>
Date:	Wed, 10 Jul 2013 11:39:51 +0100

On 9 Jul 2013, at 16:22, Edgar Danielyan <edd@xxxxxxxxxxxxx> wrote:
> Could someone confirm if the following issues have been addressed in
> LVS and if so what version(s)?
> 
> Linux Kernel TCP Sequence Number Generation Security Weakness - CVE-2011-3188
> TCP/IP Sequence Prediction Blind Reset Spoofing DoS - CVE-2004-0230

I could be wrong (it's happened before) but these were fixed in the Liux 
kernel's IP stack some time ago. As LVS/IPVS sits atop that, is there anything 
to be addressed here?

Graeme
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
[lvs-users] TCP sequence number vulnerabilities, Edgar Danielyan Re: [lvs-users] TCP sequence number vulnerabilities, Graeme Fowler <=

Previous by Date:	Re: [lvs-users] Reasonable(?) Performance of LVS-NAT, Simon Horman
Next by Date:	Re: [lvs-users] request is refused by lvs balance loader server, Hatt Tom
Previous by Thread:	[lvs-users] TCP sequence number vulnerabilities, Edgar Danielyan
Indexes:	[Date] [Thread] [Top] [All Lists]