Date: Fri, 4 Oct 2002 10:22:53 -0700 (PDT)
From: John Polstra <jdp@polstra.com>
To: net@freebsd.org
Cc: julian@elischer.org
Subject: Re: Anyone T/TCP?
Message-ID: <200210041722.g94HMrbG002976@vashon.polstra.com>
In-Reply-To: <Pine.BSF.4.21.0210040804420.13322-100000@InterJet.elischer.org>
References: <Pine.BSF.4.21.0210040804420.13322-100000@InterJet.elischer.org>

In article <Pine.BSF.4.21.0210040804420.13322-100000@InterJet.elischer.org>,
Julian Elischer <julian@elischer.org> wrote:
> Richard Stevens was the great T/TCP proponent. Since his untimely
> demise, it has been languishing.. I think many firewalls now routinely
> block packets with both SYN and FIN which is what T/TCP does.

Accepting incoming T/TCP creates a pretty serious DoS vulnerability,
doesn't it? The very first packet contains the request, which the
server must act upon and reply to without further delay. There is no
3-way handshake, so a simple attack using spoofed source addresses can
impose a huge load on the victim.

John
--
John Polstra
John D. Polstra & Co., Inc. Seattle, Washington USA
"Disappointment is a good sign of basic intelligence." -- Chögyam Trungpa

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
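
The firewall behaviour mentioned in the quoted text (dropping segments that carry both SYN and FIN) comes down to a stateless check on the TCP flags byte. The C sketch below is an added example, not code from this thread or from FreeBSD; the names `classify_ipv4`, `make_sample` and the `PKT_*` verdicts are hypothetical, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TCP_FLAG_FIN 0x01
#define TCP_FLAG_SYN 0x02

enum verdict { PKT_PASS = 0, PKT_DROP_SYNFIN = 1, PKT_MALFORMED = 2 };

/* Classify one raw IPv4 packet, starting at the IP header. */
enum verdict classify_ipv4(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return PKT_MALFORMED;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;   /* IP header length in bytes */
    if (ihl < 20 || len < ihl)
        return PKT_MALFORMED;
    if (pkt[9] != 6)                            /* protocol is not TCP */
        return PKT_PASS;
    /* Non-first fragments carry no TCP header, so flags cannot be read. */
    if ((((unsigned)pkt[6] << 8) | pkt[7]) & 0x1fff)
        return PKT_PASS;
    if (len < ihl + 14)                         /* flags byte is TCP offset 13 */
        return PKT_MALFORMED;
    uint8_t flags = pkt[ihl + 13];
    if ((flags & (TCP_FLAG_SYN | TCP_FLAG_FIN)) == (TCP_FLAG_SYN | TCP_FLAG_FIN))
        return PKT_DROP_SYNFIN;                 /* the combination T/TCP uses */
    return PKT_PASS;
}

/* Constructed sample: minimal 20-byte IPv4 header plus 20-byte TCP header. */
size_t make_sample(uint8_t buf[40], uint8_t tcp_flags)
{
    memset(buf, 0, 40);
    buf[0] = 0x45;            /* version 4, IHL = 5 words */
    buf[3] = 40;              /* total length */
    buf[9] = 6;               /* protocol = TCP */
    buf[20 + 12] = 0x50;      /* TCP data offset = 5 words */
    buf[20 + 13] = tcp_flags;
    return 40;
}

int main(void)
{
    uint8_t buf[40];
    size_t n = make_sample(buf, TCP_FLAG_SYN);
    printf("SYN only: %d\n", classify_ipv4(buf, n));
    n = make_sample(buf, TCP_FLAG_SYN | TCP_FLAG_FIN);
    printf("SYN+FIN:  %d\n", classify_ipv4(buf, n));
    return 0;
}
```
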