netdev

Re: T/TCP Problems can be solved.

To: laudney@xxxxxxxx
Subject: Re: T/TCP Problems can be solved.
From: Ben Greear <greearb@xxxxxxxxxxxxxxx>
Date: Wed, 13 Feb 2002 21:45:40 -0700
Cc: Netdev <netdev@xxxxxxxxxxx>
Organization: Candela Technologies
References: <200202140407.g1E47f915138@oss.sgi.com>
Sender: owner-netdev@xxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.4) Gecko/20011019 Netscape6/6.2

For those of us who are ignorant of T/TCP, what are the benefits
of the protocol (it has to be more than just not broken for me
to get interested in it :))

Thanks,
Ben

Laurence wrote:

On mlists.linux.kernel, on comp.os.linux.development.sys, I keep hearing from 
people who say T/TCP is fundamentally broken because it has various serious 
flaws:
1. T/TCP guesses an unreasonable window size (4k) for its peer and sends SYN 
with data accordingly.

It can be easily changed into 2*MSS, which is used in standard TCP 
implementations.

2. T/TCP has great potential for DoS attacks.

Because T/TCP sends data along with the first SYN, ttcp is more vulnerable to DoS 
attacks. But, if ttcp queues the data only if TAO succeeds and discards it if TAO 
fails, this problem can be greatly lessened. Adding some host validation 
methods may fully solve this problem.

3. T/TCP has great potential for r-* services attacks.

TCP also has it! It's always recommended that r-* be turned off. And r-* is 
being replaced by SSH etc. Besides, ttcp sends packets with PUSH flag. r-* 
refuses any packet with PUSH flag. So, there should be no problem.



FreeBSD integrates ttcp in its kernel. This can be strong evidence of 
ttcp's applicability.

T/TCP is considered flawed mainly because RFC 1644 doesn't consider security  
problems. It definitely needs improvements. A new RFC is necessary at the end.

What I'm going to do is to implement a "basic" ttcp patch based on RFC 1644. 
Then, when people download the patch and test it, I'll collect every posted problem 
along with it and modify the patch accordingly. During the same process, I'll find out 
what improvements are needed for RFC 1644 and draft a new one.

So, I hope people don't simply discard TTCP. Anyway, there will be more 
benefits for all of us if TTCP is fixed instead of being thrown away. I can't 
do that alone without your support and help.
Thanks.


------- Laudney




--
Ben Greear <greearb@xxxxxxxxxxxxxxx>       <Ben_Greear AT excite.com>
President of Candela Technologies Inc      http://www.candelatech.com
ScryMUD:  http://scry.wanfear.com     http://scry.wanfear.com/~greear


