Date: Mon, 7 Jan 2002 14:47:11 -0800 From: "Crist J. Clark" <cristjc@earthlink.net> To: Yonatan Bokovza <Yonatan@xpert.com> Cc: Leo Bicknell <bicknell@ufp.org>, "Rogier R. Mulhuijzen" <drwilco@drwilco.net>, freebsd-hackers@FreeBSD.ORG Subject: Re: path_mtu_discovery Message-ID: <20020107144711.A286@gohan.cjclark.org> In-Reply-To: <EB513E68D3F5D41191CA000255588101B436F7@mailserv.xpert.com>; from Yonatan@xpert.com on Mon, Jan 07, 2002 at 01:57:26PM %2B0200 References: <EB513E68D3F5D41191CA000255588101B436F7@mailserv.xpert.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 07, 2002 at 01:57:26PM +0200, Yonatan Bokovza wrote: > > -----Original Message----- > > From: Crist J. Clark [mailto:cristjc@earthlink.net] > > Sent: Sunday, January 06, 2002 02:39 > > To: Leo Bicknell > > Cc: Rogier R. Mulhuijzen; freebsd-hackers@FreeBSD.ORG > > Subject: Re: path_mtu_discovery > [snip] > > I'd support it if anyone actually has any credible evidence that such > > attacks have ever occured. Or if there is are plausible ways to attack > > that don't require someone to sniff and inject into a connection in > > which the victim is participating (if you can do that, you can do much > > worse). > > The original message of the "old thread" mentioned: > http://docs.freebsd.org/cgi/getmsg.cgi?fetch=4186+0+archive/2001/freebsd-sec > urity/20010715.freebsd-security > > Darren Reed's post to BugTraq implied, IIRC, that an attacker can > kill (or slow down) a server if he requests a large file with low MSS. I took part in that discussion and there was no mention of real exploits. And TCP MSS is not the same thing as the PMTU (though they can be related). As I pointed out in that thread, there are much more devistating TCP attacks to worry about that are still threats like "Daytona" attacks. -- "It's always funny until someone gets hurt. Then it's hilarious." Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020107144711.A286>