Jurjen Oskam <jurjen@stupendous.org> wrote:
> [About SYN+FIN+data packets causing RSTs from Linux]
Oliver Xymoron <oxymoron@waste.org> wrote:
> Accepting data before a handshake is completed is a security hole. Sadly,
> Stevens' book predates script kiddies. I'm sure that the relevant Linux
> developers actually said that T/TCP is "fundamentally broken" rather than
> "experimental."
Agreed, accepting data can be a security hole, but you can choose to
discard the data and establish the connection without it. Let the other
end retransmit.
Or you could choose to accept the data if it's not flooding you.
It rather depends how much data and how often.
But anyway I checked RFC793
---------------------------
RFC793, starting in LISTEN state. The SYN is received. RCV.NXT is set
to SEG.SEQ+1. A SYN+ACK is sent:
--> Send <SEQ=ISS><ACK=RCV.NXT><CTL=SYN,ACK>
State switches to SYN-RECEIVED where remaining data is processed.
Receive window can be zero or non-zero. For security we don't accept
initial data, so receive window is zero. Segment is not acceptable.
Send an acknowledgement in reply:
--> Send <SEQ=SND.NXT><ACK=RCV.NXT><CTL=ACK>
Drop the unacceptable segment and return. FIN, PSH and URG are ignored.
No security problem, no data accepted, three way handshake ok.
So Linux is wrong if it sends RSTs in response, and discarding T/TCP initial data is ok.
-- Jamie
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
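Added example, not part of Jamie's mail or of the Linux TCP code: a minimal Python model of the RFC 793 "SEGMENT ARRIVES" processing for LISTEN and SYN-RECEIVED, walking the SYN+FIN+data case from the thread. With a zero receive window the receiver answers with a SYN-ACK and a plain ACK, drops the early text, completes the handshake and then accepts the retransmission; no RST is ever sent. The sequence numbers, the 4096-octet window opened after the handshake and the request text are constructed values, and the model only covers the paths the mail walks through.

```python
from dataclasses import dataclass

@dataclass
class Segment:
    seq: int
    ack: int = 0
    flags: frozenset = frozenset()
    data: bytes = b""
    def length(self) -> int:
        # SEG.LEN counts the SYN and FIN as one octet each (RFC 793, section 3.3)
        return len(self.data) + ("SYN" in self.flags) + ("FIN" in self.flags)

@dataclass
class Tcb:
    iss: int              # constructed initial send sequence number
    rcv_wnd: int = 0      # zero window: refuse text until the handshake completes
    state: str = "LISTEN"
    rcv_nxt: int = 0
    snd_nxt: int = 0
    accepted: bytes = b""

def acceptable(tcb: Tcb, seg: Segment) -> bool:
    """RFC 793 acceptability test of SEG.SEQ/SEG.LEN against RCV.NXT/RCV.WND."""
    lo, hi = tcb.rcv_nxt, tcb.rcv_nxt + tcb.rcv_wnd
    if seg.length() == 0:
        return seg.seq == lo if tcb.rcv_wnd == 0 else lo <= seg.seq < hi
    # With RCV.WND == 0, hi == lo, so no segment carrying text can pass this test
    return lo <= seg.seq < hi or lo <= seg.seq + seg.length() - 1 < hi

def segment_arrives(tcb: Tcb, seg: Segment) -> list:
    """Process one segment; return the segments the receiver sends in reply."""
    if tcb.state == "LISTEN":
        if "RST" in seg.flags or not seg.flags & {"SYN", "ACK"}:
            return []                             # RST, or neither SYN nor ACK: ignored
        if "ACK" in seg.flags:
            return [Segment(seg.ack, flags=frozenset({"RST"}))]   # ACK to a listener: RST
        tcb.rcv_nxt, tcb.snd_nxt, tcb.state = seg.seq + 1, tcb.iss + 1, "SYN-RECEIVED"
        synack = Segment(tcb.iss, tcb.rcv_nxt, frozenset({"SYN", "ACK"}))
        # Text or FIN carried with the SYN is processed in SYN-RECEIVED, SYN consumed
        rest = Segment(seg.seq + 1, flags=seg.flags - {"SYN"}, data=seg.data)
        return [synack] + (segment_arrives(tcb, rest) if rest.length() else [])
    if not acceptable(tcb, seg):
        # Not acceptable: reply <SEQ=SND.NXT><ACK=RCV.NXT><CTL=ACK> and drop; FIN/PSH/URG ignored
        return [] if "RST" in seg.flags else [Segment(tcb.snd_nxt, tcb.rcv_nxt, frozenset({"ACK"}))]
    if tcb.state == "SYN-RECEIVED" and "ACK" in seg.flags and seg.ack == tcb.snd_nxt:
        tcb.state, tcb.rcv_wnd = "ESTABLISHED", 4096   # handshake complete; open a constructed window
    if tcb.state == "ESTABLISHED" and seg.data:        # retransmitted text is now acceptable
        tcb.accepted += seg.data                       # in-order text only (simplified)
        tcb.rcv_nxt += len(seg.data)
        return [Segment(tcb.snd_nxt, tcb.rcv_nxt, frozenset({"ACK"}))]
    return []
```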