Date: Tue, 3 Jun 1997 07:23:20 +0200 (SAT)
From: John Hay <jhay@zibbi.mikom.csir.co.za>
To: adam@homeport.org (Adam Shostack)
Cc: wollman@khavrinen.lcs.mit.edu, darrenr@cyber.com.au, security@FreeBSD.ORG
Subject: Re: TCP RST Handling in 2.2 (fwd)
Message-ID: <199706030523.HAA03199@zibbi.mikom.csir.co.za>
In-Reply-To: <199706030324.XAA20211@homeport.org> from Adam Shostack at "Jun 2, 97 11:24:15 pm"

> Garrett Wollman wrote:
> | <<On Tue, 3 Jun 1997 08:38:23 +1000 (EST), Darren Reed <darrenr@cyber.com.au> said:
> |
> | > Currently, not even the SEQ number is verified (for an RST packet) - i.e.
> | > that the ACK does acknowledge the SYN.
> |
> | > I think there is room for improvement in the code. Comments ?
> |
> | Certainly. It might also be worth implementing the three-way RST
> | handshake which has been proposed by some to fill some theoretical
> | gaps in TCP's handling of resets which could (very rarely) result in
> | innocent connections getting reset.
>
> I'd strongly recommend against implementing a non standard
> TCP mod as anything but an option for those who want to play with it.
> Please don't put it in the base code.
>

But if we can get something better than we have now, I would feel a lot
better. Last week we had the case here where TCP connections between
machines would just die at random with a "connection reset by peer"
message. It turned out that there was an old Windows 3.1 box with
Trumpet Winsock v1.0b which sent Reset messages "at random" for
connections that had nothing to do with it, except that it was on the
same piece of ethernet coax.

John
--
John Hay -- John.Hay@mikom.csir.co.za
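
The RST checks discussed in this thread, as an added example that is not part of the original e-mail and is not FreeBSD's code: a sketch of the RFC 793 acceptance rules (in SYN-SENT the RST's ACK must acknowledge the SYN; in synchronized states its SEQ must lie in the receive window). The struct layouts, state names and function name are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>

/* Modular 32-bit comparisons: TCP sequence space wraps around. */
#define SEQ_LT(a, b)  ((int32_t)((a) - (b)) < 0)
#define SEQ_GEQ(a, b) ((int32_t)((a) - (b)) >= 0)

enum tcp_state { ST_SYN_SENT, ST_ESTABLISHED };  /* hypothetical, reduced set */

struct conn {              /* hypothetical per-connection state */
    enum tcp_state state;
    uint32_t iss;          /* our initial send sequence number */
    uint32_t snd_nxt;      /* next sequence number we will send */
    uint32_t rcv_nxt;      /* next sequence number we expect to receive */
    uint32_t rcv_wnd;      /* current receive window size */
};

struct seg {               /* fields taken from the incoming RST segment */
    uint32_t seq;
    uint32_t ack;
    bool has_ack;          /* ACK flag set in the segment */
};

/* Return true only if the RST is allowed to tear down the connection. */
bool rst_acceptable(const struct conn *c, const struct seg *s)
{
    if (c->state == ST_SYN_SENT) {
        /* The RST must carry an ACK that acknowledges our SYN:
         * ISS < SEG.ACK <= SND.NXT. */
        return s->has_ack &&
               SEQ_LT(c->iss, s->ack) &&
               SEQ_GEQ(c->snd_nxt, s->ack);
    }
    /* Synchronized states: SEG.SEQ must fall inside the receive window. */
    if (c->rcv_wnd == 0)
        return s->seq == c->rcv_nxt;
    return SEQ_GEQ(s->seq, c->rcv_nxt) &&
           SEQ_LT(s->seq, c->rcv_nxt + c->rcv_wnd);
}
```

A segment that fails this check is dropped without changing connection state, so a reset that does not match the connection's sequence state cannot close it.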