nanog mailing list archives
Re: Service provider story about tracking down TCP RSTs
From: William Herrin <bill () herrin us>
Date: Sun, 2 Sep 2018 07:45:17 -0400
On Sun, Sep 2, 2018 at 6:49 AM, Bjørn Mork <bjorn () mork no> wrote:
William Herrin <bill () herrin us> writes:On Sun, Sep 2, 2018 at 6:06 AM, Bjørn Mork <bjorn () mork no> wrote:William Herrin <bill () herrin us> writes:https://bill.herrin.us/network/anycasttcp.htmlI didn't see a security section in your document. Did you consider the side effects of this sequence number abuse?In the "issues and criticisms" section.I can see the effect on syn cookies being disussed there, but I don't think that covers all concerns wrt more predicatable sequence numbers. See RFC6528, including its references.
Thanks Bjørn, I've added several notes in "issues and criticisms" based on that information. Regards, Bill Herrin -- William Herrin ................ herrin () dirtside com bill () herrin us Dirtside Systems ......... Web: <http://www.dirtside.com/>
Current thread:
- Service provider story about tracking down TCP RSTs frnkblk (Sep 01)
- Re: Service provider story about tracking down TCP RSTs William Herrin (Sep 01)
- Re: Service provider story about tracking down TCP RSTs William Herrin (Sep 01)
- Re: Service provider story about tracking down TCP RSTs Lee (Sep 01)
- Re: Service provider story about tracking down TCP RSTs William Herrin (Sep 01)
- Re: Service provider story about tracking down TCP RSTs Lee (Sep 01)
- Re: Service provider story about tracking down TCP RSTs William Herrin (Sep 01)
- Re: Service provider story about tracking down TCP RSTs Bjørn Mork (Sep 02)
- Re: Service provider story about tracking down TCP RSTs William Herrin (Sep 02)
- Re: Service provider story about tracking down TCP RSTs Bjørn Mork (Sep 02)
- Re: Service provider story about tracking down TCP RSTs William Herrin (Sep 02)
- Re: Service provider story about tracking down TCP RSTs William Herrin (Sep 01)
- Re: Service provider story about tracking down TCP RSTs James Bensley (Sep 02)
- Re: Service provider story about tracking down TCP RSTs nanog (Sep 02)
- Re: Service provider story about tracking down TCP RSTs Tarko Tikan (Sep 02)
- Re: Service provider story about tracking down TCP RSTs Timothy Manito via NANOG (Sep 04)