Dailydave mailing list archives
Re: Cisco, and software patents.
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 12 May 2004 21:42:45 +0200
* Dave Aitel:
> See, this right here is an example of something that makes you wonder wtf is wrong with people. Here Cisco claims a patent application on some various fixes they made to their TCP stack to prevent RST attacks.

Dave, please don't call these attacks "RST attacks". The RST part isn't the interesting bit about it.

In this case, the IPR claim is a good thing. With all those well-known names in the draft, it's hard to argue against its flaws, and the IPR claim will hopefully prevent its adoption.

IMHO, there are two flaws. The first one is the change that advises to send an ACK in response to certain RST segments. This seems to be an unnecessarily drastic change to the TCP state machine.

My other concern is more fundamental: If we start fixing weak points of the TCP state machine by fiddling with it, we might be forced to roll out a TCP upgrade twice a year, for the foreseeable future. This is not acceptable.

If we want to protect the TCP state engine against blind insertion attacks, we should introduce a "v-tag" or "cookie" that is the same in both directions, is negotiated at connection establishment, and remains constant during its lifetime. This concept is borrowed from SCTP, so it should be free from IPR claims.

-- 
Current mail filters: many dial-up/DSL/cable modem hosts, and the following domains: atlas.cz, bigpond.com, di-ve.com, hotmail.com, jumpy.it, libero.it, netscape.net, postino.it, simplesnet.pt, tiscali.co.uk, tiscali.cz, tiscali.it, voila.fr, yahoo.com.
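
The receiver-side check proposed in the message above, as an added example that is not part of the original post or of any real TCP stack: it compares the classic in-window RST test with a test that also requires the connection's cookie. The struct layout, field names and sample values are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical receiver state; field names are assumptions for this sketch. */
struct conn {
    uint32_t rcv_nxt;  /* next sequence number expected */
    uint32_t rcv_wnd;  /* receive window size in bytes */
    uint32_t vtag;     /* cookie agreed at connection establishment */
};

/* Constructed view of an incoming RST segment. */
struct rst_seg {
    uint32_t seq;
    uint32_t vtag;     /* cookie carried in the segment */
};

/* Classic check: an RST is honoured if its sequence number is in the window.
   Unsigned subtraction handles sequence-number wraparound. */
bool rst_ok_window(const struct conn *c, const struct rst_seg *s)
{
    return (uint32_t)(s->seq - c->rcv_nxt) < c->rcv_wnd;
}

/* Cookie check: a wrong cookie is dropped before the state machine sees it. */
bool rst_ok_vtag(const struct conn *c, const struct rst_seg *s)
{
    return s->vtag == c->vtag && rst_ok_window(c, s);
}

/* Size of the guess space for the window check alone: one window-sized
   stride per guess across the 32-bit sequence space. */
uint64_t window_search_space(uint32_t rcv_wnd)
{
    if (rcv_wnd == 0) return 0;  /* rst_ok_window accepts nothing then */
    return ((1ULL << 32) + rcv_wnd - 1) / rcv_wnd;
}

int main(void)
{
    struct conn c = { 0xFFFFF000u, 0x4000u, 0x5EC0DE01u };  /* constructed */
    struct rst_seg blind = { 0x00000100u, 0 };  /* in window, no cookie */
    struct rst_seg peer  = { 0xFFFFF000u, 0x5EC0DE01u };
    printf("window only: blind=%d peer=%d\n", rst_ok_window(&c, &blind), rst_ok_window(&c, &peer));
    printf("with cookie: blind=%d peer=%d\n", rst_ok_vtag(&c, &blind), rst_ok_vtag(&c, &peer));
    printf("window guess space: %llu\n", (unsigned long long)window_search_space(c.rcv_wnd));
    return 0;
}
```

With a 16 KiB window the sequence check alone leaves a guess space of 2^18; requiring a 32-bit cookie as well multiplies that by 2^32 without touching the state machine's transitions.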
Current thread:
- Cisco, and software patents. Dave Aitel (May 12)
- Re: Cisco, and software patents. Halvar Flake (May 12)
- Re: Cisco, and software patents. Florian Weimer (May 12)
- Re: Cisco, and software patents. Matt Hargett (May 13)