[2327] in bugtraq
Re: denial of service attack possible
daemon@ATHENA.MIT.EDU (System Administrator)
Wed Nov 1 13:36:25 1995
Date: Mon, 30 Oct 1995 20:14:01 +0000
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: System Administrator <root@iifeak.swan.ac.uk>
X-To: BUGTRAQ@crimelab.com
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
In-Reply-To: <9510271652.AA17856@galt.sdsc.edu> from "Andrew Gross" at Oct 27,
95 09:52:31 am
> The internet draft draft-heavens-problems-rsts-00.txt describes the
> problem in detail. In short, TCP doesn't handle RSTs correctly during
> the open and close negotiations of a connection.
Heaven's is something else. The fundamental problem is TCP requires a
sequence space is not reused for 2 minutes (supposed worst case rtt). PAWS
(RFC1331) extends this further by extending the effective sequence space, but
still at the end of the day it comes up because you need infinite sequence space
to never reuse an identifier.
Heavens and also RFC1337 show cases where the protection in TCP is in adequate
and you can get errors in data (in theory).
Alan
