netdev
[Top] [All Lists]

Re: tcp vulnerability? haven't seen anything on it here...

To: alex@xxxxxxxxxxxx
Subject: Re: tcp vulnerability? haven't seen anything on it here...
From: Florian Weimer <fw@xxxxxxxxxxxxx>
Date: Fri, 23 Apr 2004 12:31:02 +0200
Cc: linux-kernel@xxxxxxxxxxxxxxx, <netdev@xxxxxxxxxxx>
In-reply-to: <Pine.LNX.4.44.0404221030240.2738-100000@paix.pilosoft.com> (alex@pilosoft.com's message of "Thu, 22 Apr 2004 10:37:42 -0400 (EDT)")
References: <Pine.LNX.4.44.0404221030240.2738-100000@paix.pilosoft.com>
Sender: netdev-bounce@xxxxxxxxxxx
alex@xxxxxxxxxxxx writes:

> Not quite. With a SYN you have to respond with exactly the same sequence 
> number as attacking host in order to establish connection. With RST, your 
> sequence number needs to be +- rwin in order to kill the connection. That 
> significantly reduces search space.

Don't forget that you can tear down a connection by sending a SYN in
the correct window as well.

-- 
Current mail filters: many dial-up/DSL/cable modem hosts, and the
following domains: atlas.cz, bigpond.com, postino.it, tiscali.co.uk,
tiscali.cz, tiscali.it, voila.fr.

<Prev in Thread] Current Thread [Next in Thread>