TCP vulnerability
Allison Mankin
mankin at psg.com
Tue Apr 20 19:04:09 UTC 2004
Hi,
For those not helped too much the MD5 Signature Option, this
i-d addresses the attacks in the Watson paper (it was meant to
come out just when the advisory came out, but they jumped the gun).
There are implementations in *xes and router OSes - more info
from those sources.
Allison
-------- Forwarded Message
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the TCP Maintenance and Minor Extensions Working Group of the IETF.
Title : Transmission Control Protocol security considerations
Author(s) : R. Stewart
Filename : draft-ietf-tcpm-tcpsecure-00.txt
Pages : 10
Date : 2004-4-20
TCP (RFC793 [1]) is widely deployed and one of the most often used
reliable end to end protocols for data communication. Yet when it was
defined over 20 years ago the internet, as we know it, was a
different place lacking many of the threats that are now common.
Recently several rather serious threats have been detailed that can
pose new methods for both denial of service and possibly data
injection by blind attackers. This document details those threats and
also proposes some small changes to the way TCP handles inbound
segments that either eliminate the threats or at least minimize them
to a more acceptable level.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt
- --4737358894.1082487684/segue.merit.edu--
------- End of Forwarded Message
More information about the NANOG
mailing list