Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 18 Jul 2001 16:08:38 -0700 (PDT)
From:      Julian Elischer <julian@elischer.org>
To:        Chris Peterson <chris@potamus.org>
Cc:        freebsd-arch@freebsd.org
Subject:   Re: TCP Initial Sequence Numbers: We need to talk 
Message-ID:  <Pine.BSF.4.21.0107181601450.94740-100000@InterJet.elischer.org>
In-Reply-To: <001101c10fcc$7a7927f0$a586fa18@chris>
next in thread | previous in thread | raw e-mail | index | archive | help 
And what if the encoded port number comes out to be teh same as an
existing port number to the same destination?

Is it guaranteed that there is exactly one cleartext input for each RC5
output?

This succests that the clent selects (indirectly) both
sequence numbers.
A new sequence number may be in the TIMEWAIT window of a recently
shutdown session..

The server cannot send any data until it hears from the client
with an ACK again?
(e.g. cannot send "login:")



On Wed, 18 Jul 2001, Chris Peterson wrote:

> Steve Gibson has written a paper describing his algorithm (called GENESIS)
> to defend against SYN floods. I don't know if he has implemented it or if
> his idea is even feasible. His algorithm is so simple, I suspect he must be
> overlooking something.
> 
> Basically, he proposes that the server responds to client SYNs with a
> SYN/ACK whose ISN is the client SYN's ISN plus the RC5 encrypted client
> source IP address. When the server receives an ACK reply, it subtracts the
> client's ACK ISN and decrypts the result. If the decrypted value equals the
> client's source IP address, then this is a valid ACK. The server postpones
> maintaining TCP connection state until after receiving a valid ACK reply to
> its SYN/ACK.
> 
> More information about GENESIS:
> http://grc.com/r&d/nomoredos2.htm
> 
> 
> chris
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-arch" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0107181601450.94740-100000>