nanog mailing list archives

Re: TCP RST attack (the cause of all that MD5-o-rama)


From: James <haesu () towardex com>
Date: Tue, 20 Apr 2004 15:29:20 -0400


ah yes.. forgot about that :)

Thanks,
-J

On Tue, Apr 20, 2004 at 08:24:02PM +0100, Stephen J. Wilcox wrote:
On Tue, 20 Apr 2004, James wrote:

i can see this 'attack' operational against a multihop bgp session that's
not md5'd.

now the question is... would this also affect single-hop bgp sessions?
my understanding would be no, as single-hops require ttl set to 1.

you can engineer packets to make sure they have the right ttl when they arrive,
i.e. if you're 10 hops away, set ttl to 10 and it will be 1 on arrival :)

Steve


-J


On Tue, Apr 20, 2004 at 01:36:09PM -0400, Mike Tancsa wrote:



http://www.uniras.gov.uk/vuls/2004/236929/index.htm

--------------------------------------------------------------------
Mike Tancsa,                                        tel +1 519 651 3400
Sentex Communications,                              mike () sentex net
Providing Internet since 1994                    www.sentex.net
Cambridge, Ontario Canada                   www.sentex.net/mike



-- 
James Jun                                            TowardEX Technologies, Inc.
Technical Lead                        Network Design, Consulting, IT Outsourcing
james () towardex com                  Boston-based Colocation & Bandwidth Services
cell: 1(978)-394-2867           web: http://www.towardex.com , noc: www.twdx.net
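
The TTL arithmetic from Stephen's reply, as an added example that is not part of the original thread: it models from which router distances a sender can satisfy a receive-side TTL check. It compares the "TTL is 1" expectation discussed above with the "TTL is 255" check used by GTSM (RFC 5082), which the thread itself does not mention; the function names and the one-decrement-per-router model are assumptions.

```python
# Added illustration: the model and every name below are assumptions,
# not code from the thread or from any router implementation.
MAX_TTL = 255  # the IPv4 TTL field is 8 bits wide


def arrival_ttl(initial_ttl, routers):
    """TTL the receiver sees after `routers` forwarding hops, or None if dropped."""
    if not 1 <= initial_ttl <= MAX_TTL:
        raise ValueError("initial TTL must be in 1..255")
    remaining = initial_ttl - routers  # each forwarding router decrements by one
    # A router discards the packet rather than forwarding it with TTL 0.
    return remaining if remaining >= 1 else None


def distances_that_pass(accept, max_routers=254):
    """Router distances from which at least one initial TTL passes `accept`."""
    passing = []
    for routers in range(max_routers + 1):
        seen = (arrival_ttl(t, routers) for t in range(1, MAX_TTL + 1))
        if any(ttl is not None and accept(ttl) for ttl in seen):
            passing.append(routers)
    return passing


def accept_ttl_1(ttl):
    """Receiver expects TTL 1 (the single-hop assumption in the thread)."""
    return ttl == 1


def accept_ttl_255(ttl):
    """Receiver expects TTL 255 (GTSM-style check for a directly connected peer)."""
    return ttl == 255


if __name__ == "__main__":
    ok_1 = distances_that_pass(accept_ttl_1)
    ok_255 = distances_that_pass(accept_ttl_255)
    # 0 routers in between means the sender is directly connected.
    print("TTL==1   satisfiable from router distances:", ok_1[0], "to", ok_1[-1])
    print("TTL==255 satisfiable from router distances:", ok_255)
```

Because routers only ever decrement the field, a value of 1 on arrival says nothing about distance, while 255 on arrival can only come from a sender with no router in between.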

