nanog mailing list archives

Re: tcp,guardent,bellovin

From: Valdis.Kletnieks () vt edu
Date: Mon, 12 Mar 2001 18:49:39 -0500


On Mon, 12 Mar 2001 18:09:32 EST, "Richard A. Steenbergen" said:

And since the "victim" will have the current sequence number for inbound
data, what would keep it from (correctly) sending an RST and tearing down
this false connection?

 
And THAT my friends, was the *original* purpose for a TCP SYN flood - it
wasn't to DOS the victim, it was to DOS a machine *trusted by* the victim
so you could forge a connection and NOT get nailed by an RST.

I'm sure that Steve Bellovin can point us at the original discussion
of this, which was *ages* ago.  I remember hearing that Kevin Mitnick
used that (in addition to other tricks) against Shimomura's machines
and thinking "Hmm.. so it's *not* just a theoretical attack anymore..."


-- 
                                Valdis Kletnieks
                                Operating Systems Analyst
                                Virginia Tech

Current thread:

tcp,guardent,bellovin Chris Beggy (Mar 12)
- <Possible follow-ups>
- Re: tcp,guardent,bellovin Steven M. Bellovin (Mar 12)
  - Re: tcp,guardent,bellovin Rafi Sadowsky (Mar 12)
  - Re: tcp,guardent,bellovin bert hubert (Mar 12)
  - Re: tcp,guardent,bellovin Scott Francis (Mar 12)
- Re: tcp,guardent,bellovin Steven M. Bellovin (Mar 12)
  - Re: tcp,guardent,bellovin Rafi Sadowsky (Mar 12)
    - Re: tcp,guardent,bellovin Jim Duncan (Mar 12)
- Re: tcp,guardent,bellovin Richard A. Steenbergen (Mar 12)
  - Re: tcp,guardent,bellovin bert hubert (Mar 12)
  - Re: tcp,guardent,bellovin Valdis . Kletnieks (Mar 12)
- Re: tcp,guardent,bellovin Steven M. Bellovin (Mar 12)