Bugtraq mailing list archives

Re: Excellent host SYN-attack fix for BSD hosts


From: avalon () coombs anu edu au (Darren Reed)
Date: Tue, 15 Oct 1996 23:02:26 +1000


In some mail from Jeff Weisberg, sie said:

> "Charles M. Hannum" <mycroft () mit edu> commented:
> | It also breaks TCP's algorithm for
> | recognizing stale data.
>
> how so?
>
> I admit that in writing the code, I was far more concerned with stopping
> the attack we were under, than I was in any theoretical reliability concerns,
> but the way we generate the iss (which I cannot take credit for), we will
> not get values that are slightly less than a previous one for a given set of
> {saddr,sport, daddr,dport} which should suffice for the above concern.

Hmmm, RFC1948 addresses the issue of generating a good ISS value.  Did you
implement this?

Darren
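
The RFC 1948 scheme mentioned above, ISS = M + F(saddr, sport, daddr, dport), sketched as an added example; it is not code from either poster or from the patch under discussion. The function names, the per-boot secret and the sample addresses are assumptions made for illustration. It shows the property raised in the quoted mail: for one 4-tuple the ISS only moves forward with the clock, while the keyed offset F differs per connection.

```python
import hashlib
import os
import socket
import struct

MASK32 = 0xFFFFFFFF
BOOT_SECRET = os.urandom(16)  # assumption: random secret chosen once per boot


def timer_m(now_us):
    """M: the RFC 793 32-bit clock, one tick every 4 microseconds."""
    return (now_us // 4) & MASK32


def offset_f(saddr, sport, daddr, dport, secret=BOOT_SECRET):
    """F: keyed hash of the connection id, truncated to 32 bits."""
    conn_id = (socket.inet_aton(saddr) + struct.pack("!H", sport)
               + socket.inet_aton(daddr) + struct.pack("!H", dport))
    digest = hashlib.md5(conn_id + secret).digest()  # MD5 as suggested in RFC 1948
    return struct.unpack("!I", digest[:4])[0]


def iss(saddr, sport, daddr, dport, now_us, secret=BOOT_SECRET):
    """ISS = M + F(saddr, sport, daddr, dport), modulo 2**32."""
    return (timer_m(now_us) + offset_f(saddr, sport, daddr, dport, secret)) & MASK32


def seq_lt(a, b):
    """True if sequence number a precedes b in 32-bit serial arithmetic."""
    return ((a - b) & MASK32) >= 0x80000000


if __name__ == "__main__":
    # Constructed sample connections (documentation address ranges).
    conn = ("192.0.2.10", 1025, "198.51.100.7", 25)
    other = ("192.0.2.11", 1025, "198.51.100.7", 25)
    t0 = 1_000_000
    first, later = iss(*conn, t0), iss(*conn, t0 + 1_000_000)
    print("same 4-tuple advances by", (later - first) & MASK32)
    print("old ISS precedes new ISS:", seq_lt(first, later))
    print("other 4-tuple ISS at t0: ", iss(*other, t0), "vs", first)
```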


