Date: Thu, 22 Apr 2004 04:16:03 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: Darren Reed <avalon@caligula.anu.edu.au> Cc: freebsd-security@freebsd.org Subject: Re: [Full-Disclosure] IETF Draft - Fix for TCP vulnerability (fwd) Message-ID: <20040422041136.A21358@odysseus.silby.com> In-Reply-To: <200404220829.i3M8TpcB022690@caligula.anu.edu.au> References: <200404220829.i3M8TpcB022690@caligula.anu.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 22 Apr 2004, Darren Reed wrote: > > Are you suggesting that we use the strict check during the ESTABLISHED > > phase, and the window-wide check during all other phases? > > Possibly :) > > I don't think it is important for session setup, but at the end of a > session, you generally want it to disappear from your connection table > sooner rather than later, right ? > > Furthermore, you're more likely to get a RST after a FIN has been > sent, by either party, if you send another ACK because the other > guy has decided to remove the socket already. Does this make > sense ? Yep, that makes sense. It would be very simple to implement as well. :) > Although this makes me wonder, what's the implication here for FIN > packets - is there none ? The draft refers to SYNs (which do get > special treatment) and RSTs (just more violent FIN packets.) > > If someone injects a FIN packet the way they would have done a RST, > what are the implications ? > Does a packet storm ensue ? > Does the FIN get ignored ? > Do FIN packets also need to be challenge-responsed now ? > > Darren I think that the third section of the draft covers this case when it talks about checking the sequence numbers in both directions for packets. Looks like we have a lot of testing to do. :| Mike "Silby" Silbersack
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040422041136.A21358>