nanog mailing list archives

Re: Service provider story about tracking down TCP RSTs


From: William Herrin <bill () herrin us>
Date: Sun, 2 Sep 2018 07:45:17 -0400

On Sun, Sep 2, 2018 at 6:49 AM, Bjørn Mork <bjorn () mork no> wrote:
> William Herrin <bill () herrin us> writes:
>> On Sun, Sep 2, 2018 at 6:06 AM, Bjørn Mork <bjorn () mork no> wrote:
>>> William Herrin <bill () herrin us> writes:
>>>> https://bill.herrin.us/network/anycasttcp.html
>>>
>>> I didn't see a security section in your document.  Did you consider the
>>> side effects of this sequence number abuse?
>>
>> In the "issues and criticisms" section.
>
> I can see the effect on syn cookies being discussed there, but I don't
> think that covers all concerns wrt more predictable sequence numbers.
>
> See RFC6528, including its references.

Thanks Bjørn,

I've added several notes in "issues and criticisms" based on that information.

Regards,
Bill Herrin



-- 
William Herrin ................ herrin () dirtside com  bill () herrin us
Dirtside Systems ......... Web: <http://www.dirtside.com/>

