huawei
Valdis.Kletnieks at vt.edu
Fri Jun 14 17:51:32 UTC 2013
On Fri, 14 Jun 2013 13:21:09 -0400, Scott Helms said:
> How? There is truly not that much room in the IP packet to play games and
> if you're modifying all your traffic this would again be pretty easy to
> spot. Again, the easiest/cheapest method is that there is a backdoor there
> already.
Do you actually examine your traffic and drop packets that have non-zeros
in reserved fields? (Remember what that did to the deployment of ECN?)
And there's plenty of room if you stick a TCP or IP option header in there. Do
you actually check for those too?
How fast can you send data to a cooperating router down the way if you splat
the low 3 bits of TCP timestamps on a connection routed towards the cooperating
router? (Sure, you just busted somebody's RTT calculation, but it will just
decide it's a high-jitter path and deal with it).
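The check the message asks about (non-zero reserved fields, IP options, TCP options), sketched as an added example that is not part of the original post. It reports findings rather than dropping packets, and leaves the ECN bits alone. The option allow-list and the sample packet are assumptions constructed for illustration.

```python
# Option kinds treated as routine here (assumed allow-list; tune per network):
# EOL, NOP, MSS, window scale, SACK-permitted, SACK, timestamps.
KNOWN_TCP_OPTS = {0, 1, 2, 3, 4, 5, 8}
# Constructed sample: IPv4 header with the reserved flag set, then a 24-byte
# TCP header with reserved nibble 0x4 and one option of kind 253.
SAMPLE = bytes.fromhex(
    "4500002c0000800040060000c0000201c0000202"
    "3039005000000001000000006402ffff00000000fd040000")

def audit_ipv4_tcp(pkt: bytes) -> list[str]:
    """Return findings for one raw IPv4 packet; report only, never drop."""
    findings = []
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return ["not-ipv4-or-truncated"]
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl:
        return ["bad-ihl"]
    # Top bit of the flags/fragment-offset word is the reserved IPv4 flag.
    if pkt[6] & 0x80:
        findings.append("ip-reserved-flag-set")
    if ihl > 20:
        findings.append(f"ip-options-present:{ihl - 20}B")
    if pkt[9] != 6:  # not TCP
        return findings
    tcp = pkt[ihl:]
    if len(tcp) < 20:
        return findings + ["tcp-truncated"]
    doff = (tcp[12] >> 4) * 4
    if doff < 20 or len(tcp) < doff:
        return findings + ["bad-tcp-data-offset"]
    # Low nibble of byte 12 is reserved. CWR/ECE sit in byte 13 and are
    # deliberately not flagged: they were "reserved" before ECN used them.
    if tcp[12] & 0x0F:
        findings.append(f"tcp-reserved-bits:0x{tcp[12] & 0x0F:x}")
    opts, i = tcp[20:doff], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:      # end of option list
            break
        if kind == 1:      # NOP padding, single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            findings.append(f"tcp-option-malformed:kind={kind}")
            break
        if kind not in KNOWN_TCP_OPTS:
            findings.append(f"tcp-option-unknown:kind={kind}")
        i += opts[i + 1]
    return findings
```

Note that a check like this says nothing about values carried inside well-formed fields, such as the low bits of a TCP timestamp.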