[3490] in bugtraq
Re: Excellent host SYN-attack fix for BSD hosts
daemon@ATHENA.MIT.EDU (David Schwartz)
Thu Oct 17 06:26:19 1996
Date: Wed, 16 Oct 1996 13:27:36 -0400
Reply-To: David Schwartz <davids@wiznet.net>
From: David Schwartz <davids@wiznet.net>
X-To: Casper Dik <casper@holland.Sun.COM>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <199610160711.JAA16694@albano>
If I understand T/TCP correctly, the SYN cookies approach
shouldn't affect it at all. T/TCP only kicks in when you're talking to a
host you've talked to before. SYN cookies could easily be employed only
when talking to a host not in the host cache. (Which would likely happen
automatically because you check against the host cache before normal SYN
handling for the three-way handshake)
DS
On Wed, 16 Oct 1996, Casper Dik wrote:
> >According to Avi Freedman:
> >> contains a few bits for reference into a table of MSS values; window size
> >> and any initial data is discarded; and the rest of the ISS is the MD5 output
> >
> >It will also break T/TCP I think. While it is not a big issue at the moment
> >it may become a real one later. Stevens in his thirs volume describe why
> >T/TCP is a good thing and it will be seen more and more in the future.
