Bugtraq mailing list archives
Re: Small TCP packets == very large overhead == DoS?
From: John Kristoff <jtk () depaul edu>
Date: Tue, 10 Jul 2001 08:13:49 -0500
Darren Reed wrote:
Silly window sizes aren't so bad. If you have a window size of one then you only ever have one outstanding piece of data sent at a time. So if I have 16k of data, it might take 32k or more packets, but I can only send one packet at a time.
With a window size of 1, a misbehaving receiver might be able to anticipate packets injected into the network by the sender. The receiver could aggressively generate ACKs before data is actually received (bypassing typical delayed ACK mechanisms). This may be more of a problem for the sender if the rate of 1-byte ACKs is high. If the connection and receiver's address could be spoofed, bursts of 1-byte segments from the sender can be sent to an innocent victim as part of a tinygram DoS attack. John
Current thread:
- Re: Small TCP packets == very large overhead == DoS?, (continued)
- Re: Small TCP packets == very large overhead == DoS? Darren Reed (Jul 09)
- RE: Small TCP packets == very large overhead == DoS? David LeBlanc (Jul 09)
- Re: Small TCP packets == very large overhead == DoS? Pavel Machek (Jul 15)
- Re: Small TCP packets == very large overhead == DoS? Crist Clark (Jul 19)
- Re: Small TCP packets == very large overhead == DoS? Eric Vyncke (Jul 09)
- RE: Small TCP packets == very large overhead == DoS? Russ (Jul 09)
- Re: Small TCP packets == very large overhead == DoS? Darren Reed (Jul 10)
- RE: Small TCP packets == very large overhead == DoS? David LeBlanc (Jul 10)
- Re: Small TCP packets == very large overhead == DoS? Darren Reed (Jul 10)
- Re: Small TCP packets == very large overhead == DoS? gregory duchemin (Jul 09)
- Re: Small TCP packets == very large overhead == DoS? Darren Reed (Jul 09)
- Re: Small TCP packets == very large overhead == DoS? John Kristoff (Jul 10)
- Re: Small TCP packets == very large overhead == DoS? Brett Lymn (Jul 10)
- RE: Small TCP packets == very large overhead == DoS? Franck Martin (Jul 10)
- Re: Small TCP packets == very large overhead == DoS? Crist Clark (Jul 18)