TCP RST attack (the cause of all that MD5-o-rama)

James haesu at towardex.com
Tue Apr 20 19:29:20 UTC 2004


ah yes.. forgot about that :)

Thanks,
-J

On Tue, Apr 20, 2004 at 08:24:02PM +0100, Stephen J. Wilcox wrote:
> On Tue, 20 Apr 2004, James wrote:
> 
> > i can see this 'attack' operational against a multihop bgp session that's
> > not md5'd.
> > 
> > now the question is... would this also affect single-hop bgp sessions?
> > my understanding would be no, as single-hops require ttl set to 1.
> 
> you can engineer packets to make sure they have the right ttl when they arrive, 
> ie if your 10 hops away, set ttl to 10 and it will be 1 on arrival :)
> 
> Steve
> 
> > 
> > -J
> > 
> > 
> > On Tue, Apr 20, 2004 at 01:36:09PM -0400, Mike Tancsa wrote:
> > > 
> > > 
> > > 
> > > http://www.uniras.gov.uk/vuls/2004/236929/index.htm
> > > 
> > > --------------------------------------------------------------------
> > > Mike Tancsa,                          	          tel +1 519 651 3400
> > > Sentex Communications,     			  mike at sentex.net
> > > Providing Internet since 1994                    www.sentex.net
> > > Cambridge, Ontario Canada			  www.sentex.net/mike
> > 
> > 

-- 
James Jun                                            TowardEX Technologies, Inc.
Technical Lead                        Network Design, Consulting, IT Outsourcing
james at towardex.com                  Boston-based Colocation & Bandwidth Services
cell: 1(978)-394-2867           web: http://www.towardex.com , noc: www.twdx.net



More information about the NANOG mailing list