Re: tcp vulnerability? haven't seen anything on it here...

From: alex
Date: Fri Apr 23 2004 - 09:19:49 EST


> And for something like a huge download to just regular joe, this is more
> of a nuisance assuming some kiddie has access between you and the
> server. OTOH, long lived BGP sessions are affected assuming you are
> going across hostile path to your peer.
Again - no hostile path necessary. Attack is brute-force and does not rely
on MITM.

> So whats all this ado about nothing? Local media made it appear we are
> all about to die.
Pretty much.
>
> Is anyone working on some fix?
In networking world, there was a craze of enabling TCP-MD5 for BGP
sessions reacting to this attack. There is alternative solution, "TTL
hack", relying that most BGP sessions are between directly-connected
routers, so if connection originator sets TTL to 255 and receiver verifies
that TTL on incoming packet is 255, you can be reasonably certain that the
packet was sent by someone directly connected to you. ;)

-alex

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/