Dear Customer, Escalations Supplement erg712598, the UnixWare Networking Package, addresses the following problems Problem Fixed ------------- This ergfix handles following two ergs - 1. erg712598: NISCC Vulnerablity Advisory - 236929 resolved. It is related to resetting an established TCP connection by sending suitable TCP packets with RST or SYN flags set. 2. erg712605: Fragmented attack (Rose attack) handled. Rose attack is handled by providing two tunable parameters - - maxfragpackets - maxfragsperpacket The above two can be tuned by changing the value of these variables in space.c (inet module). Contents -------- /etc/conf/pack.d/inet/Driver_atup.o /etc/conf/pack.d/inet/Driver_mp.o /etc/conf/pack.d/inet/space.c /usr/include/netinet/ip_var.h Warning ------- This is a fix package produced by The SCO Group, Inc. Escalations and is not intended for general distribution. It has been produced to address a particular problem and has not been tested in all system configurations. Software Notes and Recommendations ---------------------------------- erg712598 should only be installed on: UnixWare 7.1.1 Installation Instructions ------------------------- 1. Download the erg712598.Z file to the /tmp directory on your machine. 2. As root, uncompress the file and add the package to your system using these commands: $ su Password: # uncompress /tmp/erg712598.Z # pkgadd -d /tmp/erg712598 # rm /tmp/erg712598 Alternatively, this SLS package may be installed in quiet mode, that is, without displaying the release notes and asking for confirmation. To do this, use these commands: $ su Password: # uncompress /tmp/erg712598.Z # pkgadd -qd /tmp/erg712598 all # rm /tmp/erg712598 3. Reboot the system after installing this package. Removal Instructions -------------------- 1. As root, remove the package using these commands: $ su Password: # pkgrm erg712598 2. Reboot the system after removing this package. If you have questions regarding this supplement, or the product on which it is installed, please contact your software supplier.