TCP RST attack (the cause of all that MD5-o-rama)
James
haesu at towardex.com
Tue Apr 20 19:29:20 UTC 2004
ah yes.. forgot about that :)
Thanks,
-J
On Tue, Apr 20, 2004 at 08:24:02PM +0100, Stephen J. Wilcox wrote:
> On Tue, 20 Apr 2004, James wrote:
>
> > i can see this 'attack' operational against a multihop bgp session that's
> > not md5'd.
> >
> > now the question is... would this also affect single-hop bgp sessions?
> > my understanding would be no, as single-hops require ttl set to 1.
>
> you can engineer packets to make sure they have the right ttl when they arrive,
> ie if your 10 hops away, set ttl to 10 and it will be 1 on arrival :)
>
> Steve
>
> >
> > -J
> >
> >
> > On Tue, Apr 20, 2004 at 01:36:09PM -0400, Mike Tancsa wrote:
> > >
> > >
> > >
> > > http://www.uniras.gov.uk/vuls/2004/236929/index.htm
> > >
> > > --------------------------------------------------------------------
> > > Mike Tancsa, tel +1 519 651 3400
> > > Sentex Communications, mike at sentex.net
> > > Providing Internet since 1994 www.sentex.net
> > > Cambridge, Ontario Canada www.sentex.net/mike
> >
> >
--
James Jun TowardEX Technologies, Inc.
Technical Lead Network Design, Consulting, IT Outsourcing
james at towardex.com Boston-based Colocation & Bandwidth Services
cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net
More information about the NANOG
mailing list