From owner-freebsd-current Fri Sep 4 04:24:13 1998
From: sthaug@nethelp.no
To: freebsd-current@FreeBSD.ORG
Subject: Should FreeBSD-3.0 ship with RFC 1644 (T/TCP) turned off by default?
X-Mailer: Mew version 1.05+ on Emacs 19.34.2
Date: Fri, 04 Sep 1998 13:23:03 +0200
Message-ID: <22672.904908183@verdi.nethelp.no>
Sender: owner-freebsd-current@FreeBSD.ORG

It might be a good idea if FreeBSD-3.0 shipped with RFC 1644 extensions (T/TCP) turned *off* by default. It still defaults to on in tcp_subr.c version 1.46.

Steinar Haug, Nethelp consulting, sthaug@nethelp.no

----------------------------------------------------------------------

Date: Fri, 4 Sep 1998 07:04:33 -0400 (EDT)
Message-Id: <199809041104.HAA10917@lunacity.ne.mediaone.net>
From: "Charles M. Hannum"
To: "W. Richard Stevens"
Cc: perry@piermont.com, Mohit Aron, tcp-impl@cthulhu.engr.sgi.com (TCP Implementor's List)
Subject: Re: status of T/TCP

>> Charles Hannum really should submit his "T/TCP Considered Harmful" as
>> an informational RFC at some point.
>
> It's only a few pages, and was in the end2end archives (13 Sep 1996),
> so here it is.

I actually submitted it to rfc-editor around the same time. I never received a response, and I'm not sure it was ever published as a draft.

It's interesting (amusing?) to note that, on 19980407 (19 months after my draft was originally sent out), an exploit for the "Host-Based Authorization" hole against FreeBSD was published on bugtraq. A patch was issued ~1 month later, which was intended to disable the accepting of a connection count for services which did not explicitly request T/TCP on the listening socket (a workaround which I had forgotten to mention in the draft), but the patch was broken and went through several revisions. I don't know what the current status of this is.

The problems related to SYN flooding and sequence number attacks have never been addressed -- nor has the compatibility issue with old TCP implementations mentioned in passing in the conclusions section (which I can explain better if anyone is interested), which I believe has been shown to affect communication with some embedded TCP implementations.

Furthermore, the case that T/TCP was originally designed for (HTTP) has been more or less resolved by changing the application layer anyway. So I wonder if there is even a point in discussing T/TCP any more.