Bugtraq mailing list archives
sequence numbers in TCP RST's (was Re: Watcher page moved)
From: vern () ee lbl gov (Vern Paxson)
Date: Sat, 01 Apr 95 17:03:17 PST
1) should TCP check the sequence number to avoid RST bombs? Not only should but must, and I think does; see RFC 793.
It may be that most TCP's check sequence number of RST's. I thought I'd add, though, that there are plenty of TCP implementations which don't bother to put the correct sequence number into RST's they generate. I know this because I do a lot of TCP connection analysis by tracing SYN/FIN/RST packets, and I have to special-case the RST packets in my scripts because their sequence numbers are often bogus. Vern
Current thread:
- sequence numbers in TCP RST's (was Re: Watcher page moved) Vern Paxson (Apr 01)