Bugtraq mailing list archives
Re: Excellent host SYN-attack fix for BSD hosts
From: stevek () io360 com (Steve Kann)
Date: Tue, 15 Oct 1996 16:41:57 -0400
| It also breaks "naked SYN" filtering which is commonly employed as a way
| to let established connections through without much effort and filter only
| those TCP packets that have a SYN.
| (Stuff like Cisco's established keyword)

this would require either:

    guessing the system's secret (128 bits)
        very unlikely
    inverting md5
        I won't say it is impossible, but it is hard
    sending lots and lots of packets until we get a connection
        the odds are no better/worse than any other attack based on guessing at seq. numbers
        guessing at a rate of 100 packets/sec it will require, on average, 3 days.
        few 2600 readers have this patience.

3 days of letting a program rip doesn't seem like much of a price to pay for being able to subvert a packet filter rule. This is what has scared me about this solution from the outset.

Am I missing something, or are we setting ourselves up to exchange a DOS condition for something worse?

-SteveK
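
A toy model of the concern raised in this message, added here as an illustration (it is not code from the thread or from the fix under discussion): a stateless "established" rule passes every inbound segment that is not a naked SYN, so what happens to an unsolicited ACK depends entirely on whether the host kept state from a SYN. The cookie construction (low 32 bits of MD5 over the secret and the 4-tuple), the class and function names, and the sample flow are assumptions made for the example.

```python
import hashlib
import os
import struct

SYN, ACK = 0x02, 0x10
SECRET = os.urandom(16)  # 128-bit host secret, as in the quoted message

def established_rule(flags):
    """Stateless 'established' filter: drop only naked SYNs (SYN set, ACK clear)."""
    return not (flags & SYN and not flags & ACK)

def cookie(flow):
    """Assumed construction: first 32 bits of MD5(secret || 4-tuple) used as the ISN."""
    src, sport, dst, dport = flow
    data = SECRET + f"{src}:{sport}>{dst}:{dport}".encode()
    return struct.unpack("!I", hashlib.md5(data).digest()[:4])[0]

class ClassicHost:
    """Keeps a half-open entry per SYN; an ACK with no matching entry is rejected."""
    def __init__(self):
        self.half_open = {}
    def on_syn(self, flow):
        self.half_open[flow] = cookie(flow)  # any ISN would do; reused for brevity
    def on_ack(self, flow, ack):
        isn = self.half_open.get(flow)
        return isn is not None and ack == (isn + 1) % 2**32

class CookieHost:
    """Stores nothing on SYN; any ACK carrying cookie+1 completes the handshake."""
    def on_syn(self, flow):
        return cookie(flow)  # sent in the SYN-ACK, not remembered
    def on_ack(self, flow, ack):
        return ack == (cookie(flow) + 1) % 2**32

def inbound_ack_outcome(host, flow, ack, flags=ACK):
    """Fate of an inbound segment with no prior SYN: 'filtered', 'reset' or 'connected'."""
    if not established_rule(flags):
        return "filtered"
    return "connected" if host.on_ack(flow, ack) else "reset"

FLOW = ("203.0.113.9", 40000, "192.0.2.10", 23)  # constructed sample flow
```

With a host that keeps half-open state, the filter's assumption holds because the host itself resets the stray ACK; with a stateless-cookie host, the only thing standing between the ACK and a connection is the value of the cookie.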