nanog mailing list archives
Re: TCP receive window set to 0; DoS or not?
From: Travis Hassloch <travis.hassloch () rackspace com>
Date: Fri, 08 Sep 2006 16:33:03 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jim Shankland wrote:
To address the "DoS" question, I don't see how this protocol violation enables a DoS attack. More likely, it's simply somebody's buggy TCP stack misbehaving. That "somebody" is unlikely to be Windows, MacOS, FreeBSD, or Linux. My money is on some flavor of $50 NAT/"home router" box.
The part where it becomes a DoS is when they tie up all the listeners on a socket (e.g. apache), and nothing happens for several minutes until their connections time out. Whether intentional or not, it does have a negative effect. It's insidious in that it leaves no traces in the application logs; in particular, apache never logs anything because they never complete a transaction (it logs when they finish). - -- The whole point of the Internet is that different kinds of computers can interoperate. Every time you see a web site that only supports certain browsers or operating systems, they clearly don't get it. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFAeGPPlSPhv5tocwRAgSVAJ4qGEo/aR4CMaBcnsu+H6DyGpN7iACfcMAM FGvZWaAY2GYVSDLf37YUwbw= =RZ/F -----END PGP SIGNATURE-----
Current thread:
- TCP receive window set to 0; DoS or not? Travis Hassloch (Sep 07)
- Re: TCP receive window set to 0; DoS or not? billn (Sep 07)
- Re: TCP receive window set to 0; DoS or not? Richard A Steenbergen (Sep 07)
- Re: TCP receive window set to 0; DoS or not? billn (Sep 07)
- Re: TCP receive window set to 0; DoS or not? Steven M. Bellovin (Sep 07)
- Re: TCP receive window set to 0; DoS or not? Jim Shankland (Sep 07)
- Re: TCP receive window set to 0; DoS or not? Richard A Steenbergen (Sep 07)
- Re: TCP receive window set to 0; DoS or not? Travis Hassloch (Sep 08)
- Re: TCP receive window set to 0; DoS or not? Jim Shankland (Sep 08)
- Re: TCP receive window set to 0; DoS or not? Richard A Steenbergen (Sep 07)
- Re: TCP receive window set to 0; DoS or not? billn (Sep 07)
- <Possible follow-ups>
- Re: TCP receive window set to 0; DoS or not? billn (Sep 07)
- Re: TCP receive window set to 0; DoS or not? Christopher L. Morrow (Sep 07)
- Re: TCP receive window set to 0; DoS or not? David E. Smith (Sep 07)
- Re: TCP receive window set to 0; DoS or not? Robert E . Seastrom (Sep 08)
- Re: TCP receive window set to 0; DoS or not? Christopher L. Morrow (Sep 07)
- Re: TCP receive window set to 0; DoS or not? Fernando Gont (Sep 26)