nanog mailing list archives
re: TCP vulnerability
From: Allison Mankin <mankin () psg com>
Date: Tue, 20 Apr 2004 12:04:09 -0700
Hi, For those not helped too much the MD5 Signature Option, this i-d addresses the attacks in the Watson paper (it was meant to come out just when the advisory came out, but they jumped the gun). There are implementations in *xes and router OSes - more info from those sources. Allison -------- Forwarded Message A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the TCP Maintenance and Minor Extensions Working Group of the IETF. Title : Transmission Control Protocol security considerations Author(s) : R. Stewart Filename : draft-ietf-tcpm-tcpsecure-00.txt Pages : 10 Date : 2004-4-20 TCP (RFC793 [1]) is widely deployed and one of the most often used reliable end to end protocols for data communication. Yet when it was defined over 20 years ago the internet, as we know it, was a different place lacking many of the threats that are now common. Recently several rather serious threats have been detailed that can pose new methods for both denial of service and possibly data injection by blind attackers. This document details those threats and also proposes some small changes to the way TCP handles inbound segments that either eliminate the threats or at least minimize them to a more acceptable level. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt - --4737358894.1082487684/segue.merit.edu-- ------- End of Forwarded Message
Current thread:
- Re: TCP/BGP vulnerability - easier than you think, (continued)
- Re: TCP/BGP vulnerability - easier than you think Priscilla Oppenheimer (Apr 26)
- Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 27)
- Re: TCP/BGP vulnerability - easier than you think Priscilla Oppenheimer (Apr 27)
- Re: TCP/BGP vulnerability - easier than you think Simon Leinen (Apr 28)
- Re: TCP/BGP vulnerability - easier than you think Todd Vierling (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think Pete Kruckenberg (Apr 21)
- Vendor TCP oops-es (was Re: TCP/BGP vulnerability) Todd Vierling (Apr 21)
- Re: Vendor TCP oops-es (was Re: TCP/BGP vulnerability) Iljitsch van Beijnum (Apr 21)
- Re: Massive stupidity (Was: Re: TCP vulnerability) Alexei Roudnev (Apr 22)