nanog mailing list archives
Re: Massive stupidity (Was: Re: TCP vulnerability)
From: Sean Donelan <sean () donelan com>
Date: Tue, 20 Apr 2004 17:45:00 -0400 (EDT)
On Tue, 20 Apr 2004, Richard A Steenbergen wrote:
Anyone who seriously wanted to protect against this attack could easily deploy RST rate limits against their management interfaces, rather than run around trying to set up MD5 with every peer. As a long term improvement, a random ephemeral port selection process could be used.
Insufficient to completely protect against the identified vulnerabilities. Please continue reading.
Current thread:
- TCP vulnerability Grant A. Kirkwood (Apr 20)
- Re: TCP vulnerability Aviva Garrett (Apr 20)
- Re: TCP vulnerability Joe Abley (Apr 20)
- Re: TCP vulnerability Randy Bush (Apr 20)
- Re: TCP vulnerability Joe Abley (Apr 20)
- Re: TCP vulnerability Stephen Stuart (Apr 20)
- Re: TCP vulnerability Tom (UnitedLayer) (Apr 20)
- Re: TCP vulnerability Joe Abley (Apr 20)
- Re: TCP vulnerability Aviva Garrett (Apr 20)
- Massive stupidity (Was: Re: TCP vulnerability) Richard A Steenbergen (Apr 20)
- Re: Massive stupidity (Was: Re: TCP vulnerability) Sean Donelan (Apr 20)
- Re: Massive stupidity (Was: Re: TCP vulnerability) Mike Tancsa (Apr 20)
- Re: Massive stupidity (Was: Re: TCP vulnerability) Patrick W . Gilmore (Apr 20)
- TCP/BGP vulnerability - easier than you think David Luyer (Apr 20)
- Re: TCP/BGP vulnerability - easier than you think Patrick W . Gilmore (Apr 20)
- Re: TCP/BGP vulnerability - easier than you think Rob Thomas (Apr 20)
- Re: TCP/BGP vulnerability - easier than you think Joe Abley (Apr 20)
- RE: TCP/BGP vulnerability - easier than you think David Luyer (Apr 20)
- Re: TCP/BGP vulnerability - easier than you think Adam Rothschild (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think E.B. Dreger (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think E.B. Dreger (Apr 22)