On Fri, Oct 06, 2000 at 09:06:31PM +0000, David Wagner wrote:
> David S. Miller wrote:
> >Linux should not honor the incorrect sequence number. If the sequence
> >number is incorrect, the RST could legitimately be for another
> >connection.
>
> How could it be for another connection, if it has source and destination
> port numbers? I thought the sequence number was there to prevent denial
> of service attacks, i.e., to prevent unauthorized third parties from
> tearing down established TCP connections; since third parties will not
> know (or be able to guess) the current 32-bit sequence number, they will
> be unable to forge a valid RST packet. Of course, this argument is still
> valid even if you accept off-by-one errors in the sequence number; the
> attacker still has to guess from a 31-bit space, which is slightly smaller
> than the original 32-bit space but still likely large enough for security.
> What am I missing?
You're missing dynamic IPs, NAT and reboot of hosts.
-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Oct 07 2000 - 21:00:19 EST