nanog mailing list archives
Re: TCP RST attack (the cause of all that MD5-o-rama)
From: "Peter Galbavy" <peter.galbavy () knowtion net>
Date: Wed, 21 Apr 2004 07:45:36 +0100
E.B. Dreger wrote:
I don't think we're even that far along. If I'm reading FreeBSD 4.9 and NetBSD 1.6.2 source correctly, /usr/src/sys/netinet/in_pcb.c
Should have stretched as far as OpenBSD then. Same file.
tells all.
AFAIK, sequential search is about it. Try a port number, verify that the src/dist ip+port combination is available, then go on to the next lport if the guessed one is in use.
As far as I can see - I have never read the code before, just the commit messages - the OpenBSD version does a circular, random search between high and low targets. Peter
Current thread:
- Re: TCP RST attack (the cause of all that MD5-o-rama), (continued)
- Re: TCP RST attack (the cause of all that MD5-o-rama) vijay gill (Apr 20)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Iljitsch van Beijnum (Apr 20)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Crist Clark (Apr 20)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Simon Lockhart (Apr 21)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Dan Hollis (Apr 20)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Paul Vixie (Apr 20)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Patrick W . Gilmore (Apr 20)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Valdis . Kletnieks (Apr 20)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Patrick W . Gilmore (Apr 20)
- Re: TCP RST attack (the cause of all that MD5-o-rama) E.B. Dreger (Apr 20)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Peter Galbavy (Apr 20)
- Re: TCP RST attack (the cause of all that MD5-o-rama) E.B. Dreger (Apr 21)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Crist Clark (Apr 21)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Valdis . Kletnieks (Apr 20)
- Re: TCP RST attack (the cause of all that MD5-o-rama) Patrick W . Gilmore (Apr 21)