On Fri, 27 May 2005, John Dalbec wrote: > Does this affect us? The CERT Advisory has "unknown" for all the Linux > vendors. It has "Not Vulnerable" for Netfilter. Netfilter's "Vendor Statement" (see http://www.kb.cert.org/vuls/id/JGEI-6ABPN4) says "The Linux Kernel implements a check "(B')" as specified in the document. Therefore, the Linux Kernel TCP implementation is not vulnerable." I looked at the code myself and as far as I can say, Linux does not store TS values from out-of-window TCP packets. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation." -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list