netdev

SO_REUSEADDR, restarting servers, and security patches

To: netdev@xxxxxxxxxxx
Subject: SO_REUSEADDR, restarting servers, and security patches
From: John Haller <jhaller@xxxxxxxxxx>
Date: Thu, 01 Jul 2004 23:39:53 -0500
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6) Gecko/20040113

In October 2002, Yoshifuji Hideaki introduced a
patch that prevents completely any duplication
of <local-addr, local-port, remote-addr, remote-port>,
even when SO_REUSEADDR is set, preventing port
stealing denial-of-service attacks.  This also
has the side effect of not allowing a server to
be immediately restarted after being stopped,
because of the sockets that remain in the TCP_TIME_WAIT
state.

Would security be negatively impacted by relaxing
the restrictions introduced by the above patch
to allow a bind to a TCP port only if all existing
references to that TCP port were in the TCP_TIME_WAIT
state, and both the listening port and all of the
TCP_TIME_WAIT sockets had the SO_REUSEADDR flag set?
This relaxation would only help in the case of
servers where the listener and connected sockets
are all stopped at the same time, and not loosely
connected servers where the connected sockets are
handled in a separate process from the listener.

I don't want to use SO_REUSEPORT for two reasons.
The first is that SO_REUSEPORT allows binding
the same address twice for active sockets.  The
second is that SO_REUSEPORT is not commonly enabled.

The top message regarding the patch is located here:
http://oss.sgi.com/projects/netdev/archive/2002-10/msg00035.html
--
John Haller
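
A restart probe for the situation the message describes, added here as an example (not code from the original post or from the kernel patch it refers to): it runs a loopback server whose accepted socket is closed first so that it lingers after the server stops, then tries to bind the same port again with and without SO_REUSEADDR. The function names are hypothetical, and the result reflects whatever the running kernel does.

```c
#include <errno.h>
#include <netinet/in.h>
#include <poll.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind to *a (updated with the assigned port); returns the fd or -errno. */
static int bound_socket(int reuse, struct sockaddr_in *a)
{
    socklen_t len = sizeof *a;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -errno;
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &reuse, sizeof reuse);
    if (bind(fd, (struct sockaddr *)a, len) == 0 &&
        getsockname(fd, (struct sockaddr *)a, &len) == 0)
        return fd;
    int e = errno;
    close(fd);
    return -e;
}

/* One server lifetime that leaves a TIME_WAIT socket on its port, then a restart
 * attempt. Returns 0 if the restart bind succeeds, its errno if not, -1 on setup error. */
int restart_after_time_wait(int old_reuse, int new_reuse)
{
    struct sockaddr_in a = { .sin_family = AF_INET };  /* sin_port 0: kernel picks */
    char c;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    int lfd = bound_socket(old_reuse, &a), cfd = socket(AF_INET, SOCK_STREAM, 0);
    if (lfd < 0 || cfd < 0 || listen(lfd, 1) < 0 ||
        connect(cfd, (struct sockaddr *)&a, sizeof a) < 0) return -1;
    int conn = accept(lfd, NULL, NULL);   /* inherits the listener's SO_REUSEADDR */
    if (conn < 0) return -1;
    close(conn);                          /* server closes first: its end will hold TIME_WAIT */
    while (read(cfd, &c, 1) > 0) { }      /* client waits for the server's FIN ... */
    close(cfd);                           /* ... then completes the close */
    close(lfd);                           /* server "stopped" */
    poll(NULL, 0, 200);                   /* give the final FIN/ACK time to be processed */
    int nfd = bound_socket(new_reuse, &a);/* server "restarted" on the same port */
    if (nfd >= 0) close(nfd);
    return nfd < 0 ? -nfd : 0;
}

int main(void)
{
    printf("reuse on old+new: %d, reuse missing on new: %d (0 = bind ok, else errno)\n",
           restart_after_time_wait(1, 1), restart_after_time_wait(1, 0));
    return 0;
}
```
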
