Bugtraq mailing list archives
Re: Excellent host SYN-attack fix for BSD hosts
From: casper () holland Sun COM (Casper Dik)
Date: Wed, 16 Oct 1996 09:11:51 +0200
> According to Avi Freedman:
>> contains a few bits for reference into a table of MSS values; window size and any initial data is discarded; and the rest of the ISS is the MD5 output
>
> It will also break T/TCP I think. While it is not a big issue at the moment it may become a real one later. Stevens in his third volume describes why T/TCP is a good thing and it will be seen more and more in the future.
It will not necessarily break T/TCP. T/TCP is supposed to be compatible w/ TCP and I think you can pretend that you only ack'ed the SYN rather than the data + FIN that come with T/TCP in the same packet.

There are some options that are only sent with SYN and which may need to be encoded, and you may quickly run out of sufficient bits to prevent entering through a "SYN" filter.

If you insist on SYN-cookies, make sure you use them as fall-back strategy only. I.e., when the queue is (near) full.

As for T/TCP, Stevens' book is inconsistent in saying that it is compatible first and then saying it really is not as soon as your packets are bigger than the MAXMSS (as soon as the fragments arrive out of order, you're in trouble).

So T/TCP is only beneficial if reply & response fit in 500 or so bytes; such transactions are atypical, even for HTTP, for which T/TCP was originally developed (most replies are much longer).

Casper
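An added example, not part of the original post or of any BSD implementation: a Python model of the scheme discussed in this message, with a few ISS bits indexing an MSS table, the rest taken from MD5, and cookies used only once the SYN queue is nearly full. The MSS table values, the time counter, the secret and the `Listener` class are assumptions made for illustration.

```python
import hashlib, socket, struct

MSS_TABLE = (64, 512, 536, 1024, 1440, 1460, 4312, 8960)  # assumed 3-bit table
IDX_BITS = 3
IDX_MASK = (1 << IDX_BITS) - 1

def _hash_bits(secret, src, sport, dst, dport, client_isn, counter, idx):
    """Upper 29 bits of the ISS: truncated MD5 over secret, 4-tuple, peer ISN,
    time counter and MSS index (so the index bits cannot be altered)."""
    msg = secret + socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack(
        "!HHIIB", sport, dport, client_isn, counter, idx)
    return int.from_bytes(hashlib.md5(msg).digest()[:4], "big") >> IDX_BITS

def make_cookie(secret, src, sport, dst, dport, client_isn, mss, counter):
    """Build the server ISS for a SYN-ACK without keeping per-connection state."""
    idx = max((i for i, m in enumerate(MSS_TABLE) if m <= mss), default=0)
    h = _hash_bits(secret, src, sport, dst, dport, client_isn, counter, idx)
    return (h << IDX_BITS) | idx

def check_cookie(secret, src, sport, dst, dport, client_isn, ack, counter):
    """Validate the handshake-completing ACK; return the recovered MSS or None."""
    cookie = (ack - 1) & 0xFFFFFFFF
    idx = cookie & IDX_MASK
    for c in (counter, counter - 1):           # current and previous interval
        if c >= 0 and cookie >> IDX_BITS == _hash_bits(
                secret, src, sport, dst, dport, client_isn, c, idx):
            return MSS_TABLE[idx]
    return None

class Listener:
    """Hypothetical listener: normal SYN queue first, cookies as fall-back only."""
    def __init__(self, secret, backlog=4, dst="192.0.2.1", dport=80):
        self.secret, self.backlog, self.dst, self.dport = secret, backlog, dst, dport
        self.queue = {}                        # (src, sport) -> full SYN options

    def on_syn(self, src, sport, client_isn, options, counter):
        if len(self.queue) < self.backlog - 1: # room left: every option is kept
            self.queue[(src, sport)] = dict(options)
            return "queued", None
        iss = make_cookie(self.secret, src, sport, self.dst, self.dport,
                          client_isn, options.get("mss", 536), counter)
        return "cookie", iss                   # only the MSS index survives

    def on_ack(self, src, sport, client_isn, ack, counter):
        if (src, sport) in self.queue:         # queued path (ACK check omitted here)
            return self.queue.pop((src, sport))
        mss = check_cookie(self.secret, src, sport, self.dst, self.dport,
                           client_isn, ack, counter)
        return None if mss is None else {"mss": mss}
```

On the cookie path the window-scale option from the SYN is gone and the MSS is rounded down to a table entry, which is the loss of SYN-only options the message warns about.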