nanog mailing list archives

Re: TCP RST attack (the cause of all that MD5-o-rama)


From: Owen DeLong <owen () delong com>
Date: Tue, 20 Apr 2004 11:58:13 -0700

How do you tell an adjacent TTL set to 1 from a TTL set to 5 four hops away?

Owen


--On Tuesday, April 20, 2004 14:54 -0400 James <haesu () towardex com> wrote:


Now let me take a bite at this :P

I can see this 'attack' operational against a multihop BGP session that's
not MD5'd.

Now the question is... would this also affect single-hop BGP sessions?
My understanding would be no, as single-hops require TTL set to 1.

-J


On Tue, Apr 20, 2004 at 01:36:09PM -0400, Mike Tancsa wrote:



http://www.uniras.gov.uk/vuls/2004/236929/index.htm

--------------------------------------------------------------------
Mike Tancsa,                                      tel +1 519 651 3400
Sentex Communications,                            mike () sentex net
Providing Internet since 1994                    www.sentex.net
Cambridge, Ontario Canada                         www.sentex.net/mike



--
If this message was not signed with gpg key 0FE2AA3D, it's probably
a forgery.
