[Full-Disclosure] IETF Draft - Fix for TCP vulnerability (fwd)
Mike Silbersack
silby at silby.com
Thu Apr 22 02:05:03 PDT 2004
On Thu, 22 Apr 2004, Darren Reed wrote:
> > Are you suggesting that we use the strict check during the ESTABLISHED
> > phase, and the window-wide check during all other phases?
>
> Possibly :)
>
> I don't think it is important for session setup, but at the end of a
> session, you generally want it to disappear from your connection table
> sooner rather than later, right?
>
> Furthermore, you're more likely to get a RST after a FIN has been
> sent, by either party, if you send another ACK because the other
> guy has decided to remove the socket already. Does this make
> sense?
Yep, that makes sense. It would be very simple to implement as well. :)
> Although this makes me wonder, what's the implication here for FIN
> packets - is there none? The draft refers to SYNs (which do get
> special treatment) and RSTs (just more violent FIN packets.)
>
> If someone injects a FIN packet the way they would have done a RST,
> what are the implications?
> Does a packet storm ensue?
> Does the FIN get ignored?
> Do FIN packets also need to be challenge-responsed now?
>
> Darren
I think that the third section of the draft covers this case when it talks
about checking the sequence numbers in both directions for packets.
Looks like we have a lot of testing to do. :|
Mike "Silby" Silbersack
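
The per-state RST handling discussed in this exchange, as an added sketch that is not code from the post, the draft, or FreeBSD. It assumes the "strict check" means a RST resets the connection only when its sequence number equals rcv_nxt exactly, with other in-window RSTs answered by an ACK; all names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names for this sketch; not FreeBSD's tcp_input() code. */
enum tcp_state { ST_ESTABLISHED, ST_FIN_WAIT_1, ST_CLOSE_WAIT, ST_LAST_ACK };
enum rst_action { RST_DROP, RST_CHALLENGE_ACK, RST_RESET };

/* Sequence comparison modulo 2^32, so the window may wrap past zero.
 * With a zero window only the exact next sequence number is acceptable. */
static int seq_in_window(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (rcv_wnd == 0)
        return seq == rcv_nxt;
    return (uint32_t)(seq - rcv_nxt) < rcv_wnd;
}

/* Decide what to do with an incoming RST segment. */
enum rst_action rst_policy(enum tcp_state st, uint32_t seq,
                           uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (!seq_in_window(seq, rcv_nxt, rcv_wnd))
        return RST_DROP;            /* outside the window: ignore */
    if (st != ST_ESTABLISHED)
        return RST_RESET;           /* window-wide check while closing, so
                                       the entry leaves the table quickly */
    if (seq == rcv_nxt)
        return RST_RESET;           /* strict check: exact match only */
    return RST_CHALLENGE_ACK;       /* in window, not exact: send an ACK
                                       and keep the connection */
}

int main(void)
{
    /* Constructed values: rcv_nxt close to wraparound, 64 KiB window. */
    uint32_t nxt = 0xFFFFFF00u, wnd = 65535u;

    printf("exact, ESTABLISHED:     %d\n",
           rst_policy(ST_ESTABLISHED, nxt, nxt, wnd));
    printf("in-window, ESTABLISHED: %d\n",
           rst_policy(ST_ESTABLISHED, nxt + 0x200u, nxt, wnd));
    printf("in-window, FIN_WAIT_1:  %d\n",
           rst_policy(ST_FIN_WAIT_1, nxt + 0x200u, nxt, wnd));
    return 0;
}
```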