TCP RST attack (the cause of all that MD5-o-rama)

• Previous message (by thread): TCP RST attack (the cause of all that MD5-o-rama)
• Next message (by thread): TCP RST attack (the cause of all that MD5-o-rama)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 20-apr-04, at 23:45, vijay gill wrote:

> the correct workaround is the
> http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt
> draft. MD5 is also the correct workaround. However, neither of the
> two protect against what is the most vulnerable thing in the internet
> infrastructure today - a large amount of PPS at the _router_ (with or
> without md5 or tcpsecure) will blow it out of the water.

So all we have to do is apply strong crypto a bit smarter, such that we 
only burn CPU cycles for good packets rather than for all packets.

• Previous message (by thread): TCP RST attack (the cause of all that MD5-o-rama)
• Next message (by thread): TCP RST attack (the cause of all that MD5-o-rama)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]