[Full-Disclosure] IETF Draft - Fix for TCP vulnerability (fwd)
Darren Reed
avalon at caligula.anu.edu.au
Wed Apr 21 23:28:20 PDT 2004
In some mail from Mike Silbersack, sie said:
> On Wed, 21 Apr 2004, Don Lewis wrote:
> > On 21 Apr, Mike Silbersack wrote:
> > > Do you have access to a system that exhibits the "RST at end of window"
> > > syndrome so that you could code up and test out this part of the patch?
> >
> > Nope. The only report of this that I saw was from jayanth. Judging by
> > the tcpdump timestamps, it looks like whatever this wierd piece of
> > hardware was, it was nearby.
>
> Something just occured to me... we can just lump the "RST at end of
> window" case into the whole "RST somewhere in the window case". In that
> way, we only need two cases:
>
> 1. RSTs exactly at last_ack_sent (always accepted)
To pursue this thought further, if a FIN has been sent or received
(connection has migrated from ESTABLISHED to CLOSE_WAIT or something
else) then receiving an RST at this point should be much less of a
problem, yes ?
The only drawback is I've seen sessions where there's a last ditch
attempt to get data through even though a FIN has been received.
Darren
More information about the freebsd-security
mailing list