funsec mailing list archives

Re: Naughty Comcast

From: Valdis.Kletnieks () vt edu
Date: Fri, 19 Oct 2007 13:11:01 -0400

On Fri, 19 Oct 2007 18:52:03 +0200, Florian Weimer said:

* Blue Boar:

I took that to mean they were injecting RST packets, ala the great
Firewall of China.


RST packets do not work that well to reduce bandwidth consumption
because the client immediately tries to establish a new connection
(maybe to a different host, but still).  You need to do something that
stalls the connection by confusing the TCP at one end.


Setting the TCP window to 3 bytes is a good start....

Attachment: _bin
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Naughty Comcast Alex Eckelberry (Oct 19)
- Re: Naughty Comcast Brian Loe (Oct 19)
  - Re: Naughty Comcast Valdis . Kletnieks (Oct 19)
    - Re: Naughty Comcast Blue Boar (Oct 19)
    - Re: Naughty Comcast Valdis . Kletnieks (Oct 19)
    - Re: Naughty Comcast Blue Boar (Oct 19)
    - Re: Naughty Comcast Florian Weimer (Oct 19)
    - Re: Naughty Comcast Valdis . Kletnieks (Oct 19)
    - Re: Naughty Comcast Dennis Henderson (Oct 19)
    - Re: Naughty Comcast Sean Donelan (Oct 19)
- Re: Naughty Comcast Gadi Evron (Oct 19)