netdev
[Top] [All Lists]

Re: tcp vulnerability? haven't seen anything on it here...

To: jamal <hadi@xxxxxxxxxx>
Subject: Re: tcp vulnerability? haven't seen anything on it here...
From: alex@xxxxxxxxxxxx
Date: Fri, 23 Apr 2004 10:15:54 -0400 (EDT)
Cc: linux-kernel@xxxxxxxxxxxxxxx, <netdev@xxxxxxxxxxx>
In-reply-to: <1082640135.1059.93.camel@jzny.localdomain>
Sender: netdev-bounce@xxxxxxxxxxx
> And for something like a huge download to just regular joe, this is more
> of a nuisance assuming some kiddie has access between you and the
> server. OTOH, long lived BGP sessions are affected assuming you are
> going across hostile path to your peer.
Again - no hostile path necessary. Attack is brute-force and does not rely 
on MITM.

> So whats all this ado about nothing? Local media made it appear we are
> all about to die.
Pretty much.
> 
> Is anyone working on some fix?
In networking world, there was a craze of enabling TCP-MD5 for BGP
sessions reacting to this attack. There is alternative solution, "TTL
hack", relying that most BGP sessions are between directly-connected 
routers, so if connection originator sets TTL to 255 and receiver verifies 
that TTL on incoming packet is 255, you can be reasonably certain that the 
packet was sent by someone directly connected to you. ;)

-alex


<Prev in Thread] Current Thread [Next in Thread>