Re: TCP-RST Vulnerability - Doubt

From: Florian Weimer
Date: Tue Jun 29 2004 - 16:32:25 EST

Next message: John Heffner: "Re: 2.6.7-mm1 - 2.6.7-mm4 weird http behavior"
Previous message: Andrew Morton: "Re: 2.6.7-mm4 compile buglet"
In reply to: Daniel Roesen: "Re: TCP-RST Vulnerability - Doubt"
Next in thread: Lincoln Dale: "Re: TCP-RST Vulnerability - Doubt"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Daniel Roesen:

> Not if the MD5 option is properly implemented - i.e. MD5 hash checking
> is done AFTER the packet is considered valid in terms of "fitting"
> sequence number.

In this case, you trade robustness against network load for robustness
against implementation errors. I'd rather not to have to make this
choice. 8-/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: John Heffner: "Re: 2.6.7-mm1 - 2.6.7-mm4 weird http behavior"
Previous message: Andrew Morton: "Re: 2.6.7-mm4 compile buglet"
In reply to: Daniel Roesen: "Re: TCP-RST Vulnerability - Doubt"
Next in thread: Lincoln Dale: "Re: TCP-RST Vulnerability - Doubt"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]