Bugtraq mailing list archives
Re: Excellent host SYN-attack fix for BSD hosts
From: davids () wiznet net (David Schwartz)
Date: Wed, 16 Oct 1996 13:27:36 -0400
If I understand T/TCP correctly, the SYN cookies approach shouldn't affect it at all. T/TCP only kicks in when you're talking to a host you've talked to before. SYN cookies could easily be employed only when talking to a host not in the host cache. (Which would likely happen automatically because you check against the host cache before normal SYN handling for the three-way handshake) DS On Wed, 16 Oct 1996, Casper Dik wrote:
According to Avi Freedman:contains a few bits for reference into a table of MSS values; window size and any initial data is discarded; and the rest of the ISS is the MD5 outputIt will also break T/TCP I think. While it is not a big issue at the moment it may become a real one later. Stevens in his thirs volume describe why T/TCP is a good thing and it will be seen more and more in the future.
Current thread:
- SECURITY HOLE IN AUTHENTICATION FORWARDING, (continued)
- SECURITY HOLE IN AUTHENTICATION FORWARDING Charles M. Hannum (Oct 10)
- Re: SECURITY HOLE IN AUTHENTICATION FORWARDING Tatu Ylonen (Oct 13)
- InterNIC Shenanigans (crypt-pw) Sean B. Hamor (Oct 11)
- Re: InterNIC Shenanigans (crypt-pw) Yiorgos Adamopoulos (Oct 11)
- Re: InterNIC Shenanigans (crypt-pw) Igor Chudov @ home (Oct 11)
- Re: InterNIC Shenanigans (crypt-pw) Steve Reid (Oct 12)
- Re: InterNIC Shenanigans (crypt-pw) Rogue Agent (Oct 12)
- SECURITY HOLE IN AUTHENTICATION FORWARDING Charles M. Hannum (Oct 10)
- Excellent host SYN-attack fix for BSD hosts Avi Freedman (Oct 11)
- Re: Excellent host SYN-attack fix for BSD hosts Ollivier Robert (Oct 15)
- Re: Excellent host SYN-attack fix for BSD hosts Casper Dik (Oct 16)
- Re: Excellent host SYN-attack fix for BSD hosts David Schwartz (Oct 16)