Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 21 Apr 2004 01:50:28 -0500 (CDT)
From:      Mike Silbersack <silby@silby.com>
To:        Don Lewis <truckman@FreeBSD.org>
Cc:        avalon@caligula.anu.edu.au
Subject:   Re: [Full-Disclosure] IETF Draft - Fix for TCP vulnerability (fwd)
Message-ID:  <20040421014736.H1228@odysseus.silby.com>
In-Reply-To: <200404210346.i3L3ki7E045504@gw.catspoiler.org>
References:  <200404210346.i3L3ki7E045504@gw.catspoiler.org>

next in thread | previous in thread | raw e-mail | index | archive | help

On Tue, 20 Apr 2004, Don Lewis wrote:

> I am concerned that step C will not solve the compatibility problem. The
> FreeBSD host is sending a FIN to close an established connection, and
> the peer host adding the window size advertised in the FIN packet to the
> sequence number acknowledged in the FIN packet, and using the sum as the
> sequence number for the RST packet, which puts the sequence number at
> the end of the receive window.

Would it be feasible for us to create a four to five element array to
track "resettable" sequence numbers?  This could hold the sequence numbers
of the last few packets transmitted, and account for that edge case as
well.  I'm very uneasy with the IETF step C - sending more packets out
into the network sounds like a new type of amplification attack.

Mike "Silby" Silbersack



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040421014736.H1228>