Re: [Patch] IPv4 TCP security impovement

Robert Thorncrantz (rtz@pirx.df.lth.se)
Sun, 10 Jan 1999 20:14:54 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jamie Raymond: "Re: IRQ mapping problem, 2.2.0pre[5,6], SMP related?"
Previous message: Meelis Roos: "Re: Thoughts on a token-based security system"

On Sat, Jan 09, 1999 at 10:44:05AM +0100, Joachim Baran wrote:
> > the packets arrive.
> OK - now very slow:
>
> Port 25 (we assume sendmail listening)
> -> This port is connected to sendmail, because
> sendmail listens on it. I don't touch
> packets to this port. Everything goes
> thru sendmail is is then handled by
> it.
>
> Port 24 (nothing - no daemon - no nothing)
> -> This port is unconnected. There is no
> service behind it. Here I would drop
> the received packet without sending
> an ACK+RST.
>
> So: There couldn't have been any connection to
> port 24, because nobody is listening there...

Ok, even more slowly.
Yes there could, because the computer that used your IP-nr a minute
ago didn't close the connection to its port 24 before it went off
line. Therefore you will receive quite legitimate but obsolete packets
destined for port 24, and since you don't send a reset, the sender
will keep sending them until it times out, which can take time.

/robert

-- Robert Thörncrantz rtz@pirx.df.lth.se Mundus Vult Decipi dat95rth@ludat.lth.se

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Jamie Raymond: "Re: IRQ mapping problem, 2.2.0pre[5,6], SMP related?"
Previous message: Meelis Roos: "Re: Thoughts on a token-based security system"