From owner-freebsd-hackers  Mon Jan  7 14:47:56 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from harrier.prod.itd.earthlink.net (harrier.mail.pas.earthlink.net [207.217.120.12])
	by hub.freebsd.org (Postfix) with ESMTP id D501737B416
	for <freebsd-hackers@freebsd.org>; Mon,  7 Jan 2002 14:47:46 -0800 (PST)
Received: from user-33qtmto.dsl.mindspring.com ([199.174.219.184] helo=gohan.cjclark.org)
	by harrier.prod.itd.earthlink.net with esmtp (Exim 3.33 #1)
	id 16NiYO-0003nj-00; Mon, 07 Jan 2002 14:47:45 -0800
Received: (from cjc@localhost)
	by gohan.cjclark.org (8.11.6/8.11.1) id g07MlDm01278;
	Mon, 7 Jan 2002 14:47:13 -0800 (PST)
	(envelope-from cjc)
Date: Mon, 7 Jan 2002 14:47:11 -0800
From: "Crist J. Clark" <cristjc@earthlink.net>
To: Yonatan Bokovza <Yonatan@xpert.com>
Cc: Leo Bicknell <bicknell@ufp.org>,
	"Rogier R. Mulhuijzen" <drwilco@drwilco.net>,
	freebsd-hackers@FreeBSD.ORG
Subject: Re: path_mtu_discovery
Message-ID: <20020107144711.A286@gohan.cjclark.org>
Reply-To: cjclark@alum.mit.edu
References: <EB513E68D3F5D41191CA000255588101B436F7@mailserv.xpert.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <EB513E68D3F5D41191CA000255588101B436F7@mailserv.xpert.com>; from Yonatan@xpert.com on Mon, Jan 07, 2002 at 01:57:26PM +0200
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

On Mon, Jan 07, 2002 at 01:57:26PM +0200, Yonatan Bokovza wrote:
> > -----Original Message-----
> > From: Crist J. Clark [mailto:cristjc@earthlink.net]
> > Sent: Sunday, January 06, 2002 02:39
> > To: Leo Bicknell
> > Cc: Rogier R. Mulhuijzen; freebsd-hackers@FreeBSD.ORG
> > Subject: Re: path_mtu_discovery
> [snip] 
> > I'd support it if anyone actually has any credible evidence that such
> > attacks have ever occured. Or if there is are plausible ways to attack
> > that don't require someone to sniff and inject into a connection in
> > which the victim is participating (if you can do that, you can do much
> > worse).
> 
> The original message of the "old thread" mentioned:
> http://docs.freebsd.org/cgi/getmsg.cgi?fetch=4186+0+archive/2001/freebsd-sec
> urity/20010715.freebsd-security
> 
> Darren Reed's post to BugTraq implied, IIRC, that an attacker can
> kill (or slow down) a server if he requests a large file with low MSS.

I took part in that discussion and there was no mention of real
exploits. And TCP MSS is not the same thing as the PMTU (though they
can be related).

As I pointed out in that thread, there are much more devistating TCP
attacks to worry about that are still threats like "Daytona" attacks.
-- 
"It's always funny until someone gets hurt. Then it's hilarious."

Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message