| To: | alex@xxxxxxxxxxxx |
|---|---|
| Subject: | Re: tcp vulnerability? haven't seen anything on it here... |
| From: | Florian Weimer <fw@xxxxxxxxxxxxx> |
| Date: | Fri, 23 Apr 2004 12:31:02 +0200 |
| Cc: | linux-kernel@xxxxxxxxxxxxxxx, <netdev@xxxxxxxxxxx> |
| In-reply-to: | <Pine.LNX.4.44.0404221030240.2738-100000@xxxxxxxxxxxxxxxxx> (alex@xxxxxxxxxxxx's message of "Thu, 22 Apr 2004 10:37:42 -0400 (EDT)") |
| References: | <Pine.LNX.4.44.0404221030240.2738-100000@xxxxxxxxxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
alex@xxxxxxxxxxxx writes: > Not quite. With a SYN you have to respond with exactly the same sequence > number as attacking host in order to establish connection. With RST, your > sequence number needs to be +- rwin in order to kill the connection. That > significantly reduces search space. Don't forget that you can tear down a connection by sending a SYN in the correct window as well. -- Current mail filters: many dial-up/DSL/cable modem hosts, and the following domains: atlas.cz, bigpond.com, postino.it, tiscali.co.uk, tiscali.cz, tiscali.it, voila.fr. |
| Previous by Date: | Re: RST business, Steve Modica |
|---|---|
| Next by Date: | Re: IMQ / new Dummy device post., jamal |
| Previous by Thread: | Re: tcp vulnerability? haven't seen anything on it here..., alex |
| Next by Thread: | Re: tcp vulnerability? haven't seen anything on it here..., Florian Weimer |
| Indexes: | [Date] [Thread] [Top] [All Lists] |