Re: [Full-Disclosure] IETF Draft - Fix for TCP vulnerability (fwd)

From: Mike Silbersack (silby_at_silby.com)
Date: 04/22/04

  • Next message: Darren Reed: "Re: [Full-Disclosure] IETF Draft - Fix for TCP vulnerability (fwd)" 
    Date: Thu, 22 Apr 2004 01:28:20 -0500 (CDT)
To: Don Lewis <truckman@FreeBSD.org>

    On Wed, 21 Apr 2004, Don Lewis wrote:

    > On 21 Apr, Mike Silbersack wrote:
    > > Do you have access to a system that exhibits the "RST at end of window"
    > > syndrome so that you could code up and test out this part of the patch?
    >
    > Nope. The only report of this that I saw was from jayanth. Judging by
    > the tcpdump timestamps, it looks like whatever this wierd piece of
    > hardware was, it was nearby.

    Something just occured to me... we can just lump the "RST at end of
    window" case into the whole "RST somewhere in the window case". In that
    way, we only need two cases:

    1. RSTs exactly at last_ack_sent (always accepted)

    2. Everything else in the window (only accepted if "not under attack".)

    I could code up and test this over the weekend, if it sounds like a
    solution we're willing to go with.

    Mike "Silby" Silbersack
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Darren Reed: "Re: [Full-Disclosure] IETF Draft - Fix for TCP vulnerability (fwd)"

    Relevant Pages

    • Re: IE and Outlook Express flashing file dialog box
      ... issues with that patch than just this OE flashing behavior. ... OE window and that didn't work for me, ... Sir Timbit ... "Cumulative Security Update for Internet Explorer for Windows XP" ...
      (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
    • Re: [PATCH] x86_64: sync_tsc fix the race (so we can boot)
      ... I have some problem with this patch. ... >> which is a broadcast ipi. ... >> during that window will triple fault the cpu and do other nasty things. ... >> it fixes it for the right reasons. ...
      (Linux-Kernel)
    • Re: [openib-general] Re: TSO and IPoIB performance degradation
      ... kernels with and without one of the TSO patches. ... Tcpdump traces of what is being sent and available window? ... patch 1 - remove changeset 314324121f9b94b2ca657a494cf2b9cb0e4a28cc ... patch 1 in-kernel 464 ...
      (Linux-Kernel)
    • Re: [PATCH/RFC] Simplified Readahead
      ... overlapped read of current window and ahead window. ... >>I did run some premilinary tests using your patch and the above patches ... send the line "unsubscribe linux-kernel" in ...
      (Linux-Kernel)
    • Re: Enter Network Password
      ... I applied> the latest patch SR-3 yesterday. ... However, if you go back and click on the same link to> open it again, this time "Enter Network Password" window pops-up, though it> still takes me to the corresponding page even when I don't enter any> information and just click on Cancel. ... Why would I get> in the first time, but prompted for username, password, domain info every> time after the 1st click, though canceling this login doesn't stop from> viewing the page successfully! ... If I supply my network login then> it doesn't prompt for it again so long the session isn't terminated, but if> I close and open this same application in a new window, same things starts> again after the first click/view. ...
      (microsoft.public.inetserver.iis.security)