TCP RST attack (the cause of all that MD5-o-rama)

• Previous message (by thread): TCP RST attack (the cause of all that MD5-o-rama)
• Next message (by thread): TCP RST attack (the cause of all that MD5-o-rama)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Patrick W.Gilmore wrote:

> 
> On Apr 20, 2004, at 3:24 PM, Stephen J. Wilcox wrote:
> 
>> On Tue, 20 Apr 2004, James wrote:
>>
>>> i can see this 'attack' operational against a multihop bgp session 
>>> that's
>>> not md5'd.
>>>
>>> now the question is... would this also affect single-hop bgp sessions?
>>> my understanding would be no, as single-hops require ttl set to 1.
>>
>>
>> you can engineer packets to make sure they have the right ttl when 
>> they arrive,
>> ie if your 10 hops away, set ttl to 10 and it will be 1 on arrival :)
> 
> 
> Not if you use the TTL hack.
> 
> Seems like that would be much more useful, and less CPU intensive, and 
> less prone to user error, etc., etc. than MD5

But it has limited effectiveness for multi-hop sessions. There is the
appeal of a solution that does not depend of the physical layout of the
BGP peers.
-- 
Crist J. Clark                               crist.clark at globalstar.com
Globalstar Communications                                (408) 933-4387

• Previous message (by thread): TCP RST attack (the cause of all that MD5-o-rama)
• Next message (by thread): TCP RST attack (the cause of all that MD5-o-rama)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]