funsec mailing list archives
Re: Naughty Comcast
From: Sean Donelan <sean () donelan com>
Date: Fri, 19 Oct 2007 13:50:23 -0400 (EDT)
On Fri, 19 Oct 2007, Florian Weimer wrote:
I took that to mean they were injecting RST packets, ala the great Firewall of China.RST packets do not work that well to reduce bandwidth consumption because the client immediately tries to establish a new connection (maybe to a different host, but still). You need to do something that stalls the connection by confusing the TCP at one end.
Yes and no. For the current generation of P2P applications, sending the RST packet on connections across peering interfaces tends to "encourage" the P2P application to find other peers on the same network. Stalling the TCP session active, eventually still uses up the networks external bandwidth.
Of course, this is why inter-provider connections use TCP MD5 keys. If the P2P programmers had read their history, they wouldn't have this problem :-)
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Naughty Comcast Alex Eckelberry (Oct 19)
- Re: Naughty Comcast Brian Loe (Oct 19)
- Re: Naughty Comcast Valdis . Kletnieks (Oct 19)
- Re: Naughty Comcast Blue Boar (Oct 19)
- Re: Naughty Comcast Valdis . Kletnieks (Oct 19)
- Re: Naughty Comcast Blue Boar (Oct 19)
- Re: Naughty Comcast Florian Weimer (Oct 19)
- Re: Naughty Comcast Valdis . Kletnieks (Oct 19)
- Re: Naughty Comcast Dennis Henderson (Oct 19)
- Re: Naughty Comcast Sean Donelan (Oct 19)
- Re: Naughty Comcast Valdis . Kletnieks (Oct 19)
- Re: Naughty Comcast Brian Loe (Oct 19)