Dailydave mailing list archives

Re: Cisco, and software patents.


From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 12 May 2004 21:42:45 +0200

* Dave Aitel:

> See, this right here is an example of something that makes you wonder
> wtf is wrong with people. Here Cisco claims a patent application on
> some various fixes they made to their TCP stack to prevent RST attacks.

Dave, please don't call these attacks "RST attacks".  The RST part
isn't the interesting bit about it.

In this case, the IPR claim is a good thing.  With all those
well-known names in the draft, it's hard to argue against its flaws,
and the IPR claim will hopefully prevent its adoption.

IMHO, there are two flaws.  The first one is the change that advises
to send an ACK in response to certain RST segments.  This seems to be
an unnecessarily drastic change to the TCP state machine.  My other
concern is more fundamental: If we start fixing weak points of the TCP
state machine by fiddling with it, we might be forced to roll out a
TCP upgrade twice a year, for the foreseeable future.  This is not
acceptable.  If we want to protect the TCP state engine against blind
insertion attacks, we should introduce a "v-tag" or "cookie" that is
the same in both directions, is negotiated at connection
establishment, and remains constant during its lifetime.  This concept
is borrowed from SCTP, so it should be free from IPR claims.

-- 
Current mail filters: many dial-up/DSL/cable modem hosts, and the
following domains: atlas.cz, bigpond.com, di-ve.com, hotmail.com,
jumpy.it, libero.it, netscape.net, postino.it, simplesnet.pt,
tiscali.co.uk, tiscali.cz, tiscali.it, voila.fr, yahoo.com.
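An added illustration (not part of the thread, not Cisco's or the draft's code) of the three receiver-side validation rules the message compares: the classic in-window RST check, the draft's "answer with an ACK" variant, and the SCTP-style v-tag Florian proposes. Assumptions, since the mail does not spell them out: the draft rule is modelled as the later RFC 5961 challenge-ACK behaviour (reset only on an exact sequence match, ACK for any other in-window RST), and the v-tag is a 32-bit value negotiated once at setup, as in SCTP. The connection, segments and tag values below are constructed.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional
import secrets

SEQ_SPACE = 1 << 32  # TCP sequence numbers are 32-bit, arithmetic wraps


class Policy(Enum):
    IN_WINDOW = "accept any in-window RST"          # classic TCP behaviour
    CHALLENGE_ACK = "exact seq or challenge ACK"     # the draft's ACK-on-RST change (assumed RFC 5961 rule)
    V_TAG = "RST must carry the negotiated v-tag"    # the SCTP-style cookie from the mail


@dataclass
class Segment:
    seq: int
    rst: bool = False
    vtag: Optional[int] = None  # only present once a v-tag has been negotiated


@dataclass
class Connection:
    rcv_nxt: int   # next sequence number the receiver expects
    rcv_wnd: int   # receive window size
    vtag: int      # tag fixed at connection establishment (assumed 32-bit)

    @classmethod
    def establish(cls, rcv_nxt: int, rcv_wnd: int) -> "Connection":
        # Both ends would carry this value in every segment for the lifetime of the connection.
        return cls(rcv_nxt=rcv_nxt, rcv_wnd=rcv_wnd, vtag=secrets.randbits(32))

    def in_window(self, seq: int) -> bool:
        # Modular comparison so the check survives sequence-number wraparound.
        return (seq - self.rcv_nxt) % SEQ_SPACE < self.rcv_wnd


def handle_rst(conn: Connection, seg: Segment, policy: Policy) -> str:
    """Decide what the receiver does with an incoming segment under one policy.

    Returns 'reset' (tear the connection down), 'challenge-ack' (answer with an
    ACK carrying the expected sequence number) or 'drop' (ignore silently).
    """
    if not seg.rst:
        return "drop"  # only RST handling is modelled here
    if policy is Policy.IN_WINDOW:
        return "reset" if conn.in_window(seg.seq) else "drop"
    if policy is Policy.CHALLENGE_ACK:
        if seg.seq == conn.rcv_nxt:
            return "reset"
        if conn.in_window(seg.seq):
            return "challenge-ack"  # the extra state-machine transition the mail objects to
        return "drop"
    # Policy.V_TAG: the RST must carry the tag agreed at setup and still be in window.
    return "reset" if seg.vtag == conn.vtag and conn.in_window(seg.seq) else "drop"


def blind_guess_space(conn: Connection, policy: Policy) -> int:
    """Size of the value space a sender with no view of the connection must cover.

    This is the standard sequence-space argument, used here only to compare how
    much each policy changes the receiver's exposure.
    """
    seq_buckets = -(-SEQ_SPACE // conn.rcv_wnd)  # ceil(2^32 / window)
    if policy is Policy.IN_WINDOW:
        return seq_buckets
    if policy is Policy.CHALLENGE_ACK:
        return SEQ_SPACE  # exact sequence number required
    return SEQ_SPACE * seq_buckets  # v-tag and an in-window sequence number


if __name__ == "__main__":
    conn = Connection(rcv_nxt=1000, rcv_wnd=65536, vtag=0xDEADBEEF)  # constructed
    probe = Segment(seq=1500, rst=True)  # in window, not the exact expected number
    for p in Policy:
        print(f"{p.name:14} -> {handle_rst(conn, probe, p):14} guess space {blind_guess_space(conn, p)}")
```

The point the comparison makes is the one in the mail: the challenge-ACK rule buys its protection by adding a new transition (an ACK sent in reply to an RST) to the state machine, while the v-tag keeps the existing transitions and simply makes every segment carry a value that a blind sender cannot know.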