| To: | Chris Friesen <cfriesen@xxxxxxxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: tcp vulnerability? haven't seen anything on it here... |
| From: | Jörn Engel <joern@xxxxxxxxxxxxxxxxxxxx> |
| Date: | Wed, 21 Apr 2004 19:03:40 +0200 |
| Cc: | netdev@xxxxxxxxxxx, Linux Kernel Mailing List <linux-kernel@xxxxxxxxxxxxxxx> |
| In-reply-to: | <4086A077.2000705@xxxxxxxxxxxxxxxxxx> |
| References: | <40869267.30408@xxxxxxxxxxxxxxxxxx> <Pine.LNX.4.53.0404211153550.1169@chaos> <4086A077.2000705@xxxxxxxxxxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
| User-agent: | Mutt/1.3.28i |
On Wed, 21 April 2004 12:25:27 -0400, Chris Friesen wrote: > > The impression I got was that some equipment was much more vulnerable > due to having a) massive windows, and b) using sequential source ports, > making it much easier to guess even if you can't tap the line. Heise.de made it appear, as if the only news was that with tcp windows, the propability of guessing the right sequence number is not 1:2^32 but something smaller. They said that 64k packets would be enough, so guess what the window will be. Obvious solution would be to use a small window, which would cost performance. Different solution would be to use a different window size for reset, like, say, 1. Not sure if that would still be standard, though. Jörn -- The cost of changing business rules is much more expensive for software than for a secretaty. -- unknown |
| Previous by Date: | Re: tcp vulnerability? haven't seen anything on it here..., Chris Friesen |
|---|---|
| Next by Date: | Re: 2.6.4 sunrpc oops., J. Bruce Fields |
| Previous by Thread: | Re: tcp vulnerability? haven't seen anything on it here..., Chris Friesen |
| Next by Thread: | Re: tcp vulnerability? haven't seen anything on it here..., David S. Miller |
| Indexes: | [Date] [Thread] [Top] [All Lists] |