From owner-freebsd-hackers Mon Jan 7 14:47:56 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from harrier.prod.itd.earthlink.net (harrier.mail.pas.earthlink.net [207.217.120.12]) by hub.freebsd.org (Postfix) with ESMTP id D501737B416 for ; Mon, 7 Jan 2002 14:47:46 -0800 (PST) Received: from user-33qtmto.dsl.mindspring.com ([199.174.219.184] helo=gohan.cjclark.org) by harrier.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16NiYO-0003nj-00; Mon, 07 Jan 2002 14:47:45 -0800 Received: (from cjc@localhost) by gohan.cjclark.org (8.11.6/8.11.1) id g07MlDm01278; Mon, 7 Jan 2002 14:47:13 -0800 (PST) (envelope-from cjc) Date: Mon, 7 Jan 2002 14:47:11 -0800 From: "Crist J. Clark" To: Yonatan Bokovza Cc: Leo Bicknell , "Rogier R. Mulhuijzen" , freebsd-hackers@FreeBSD.ORG Subject: Re: path_mtu_discovery Message-ID: <20020107144711.A286@gohan.cjclark.org> Reply-To: cjclark@alum.mit.edu References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from Yonatan@xpert.com on Mon, Jan 07, 2002 at 01:57:26PM +0200 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 07, 2002 at 01:57:26PM +0200, Yonatan Bokovza wrote: > > -----Original Message----- > > From: Crist J. Clark [mailto:cristjc@earthlink.net] > > Sent: Sunday, January 06, 2002 02:39 > > To: Leo Bicknell > > Cc: Rogier R. Mulhuijzen; freebsd-hackers@FreeBSD.ORG > > Subject: Re: path_mtu_discovery > [snip] > > I'd support it if anyone actually has any credible evidence that such > > attacks have ever occured. Or if there is are plausible ways to attack > > that don't require someone to sniff and inject into a connection in > > which the victim is participating (if you can do that, you can do much > > worse). > > The original message of the "old thread" mentioned: > http://docs.freebsd.org/cgi/getmsg.cgi?fetch=4186+0+archive/2001/freebsd-sec > urity/20010715.freebsd-security > > Darren Reed's post to BugTraq implied, IIRC, that an attacker can > kill (or slow down) a server if he requests a large file with low MSS. I took part in that discussion and there was no mention of real exploits. And TCP MSS is not the same thing as the PMTU (though they can be related). As I pointed out in that thread, there are much more devistating TCP attacks to worry about that are still threats like "Daytona" attacks. -- "It's always funny until someone gets hurt. Then it's hilarious." Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message