TCP/BGP vulnerability - easier than you think

• Previous message (by thread): TCP/BGP vulnerability - easier than you think
• Next message (by thread): TCP/BGP vulnerability - easier than you think
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 21, 2004 at 01:23:54PM +0200, Iljitsch van Beijnum wrote:
> 
> On Wed, 21 Apr 2004, Daniel Roesen wrote:
> 
> > > access-list 123 deny   tcp any any eq bgp rst log-input
> > > access-list 123 deny   tcp any eq bgp any rst log-input
> 
> > > Unfortunately, not all vendors are able to look at the RST bit when
> > > filtering...
> 
> > The general ignorance to the fact that SYN works as well is
> > astonishing. :-)
> 
> What are you talking about?

http://www.uniras.gov.uk/vuls/2004/236929/index.htm

First paragraph of the summary:

"The issue described in this advisory is the practicability of resetting
an established TCP connection by sending suitable TCP packets with the
RST (Reset) or SYN (Synchronise) flags set."

You can break TCP sessions not only be injecting harmfully crafted
RST packets, but also with SYN packets.

All talk I see going on is always about harmful RST packets only. Seems
like noone realized that the thread is equally intense with SYN packets.

• Previous message (by thread): TCP/BGP vulnerability - easier than you think
• Next message (by thread): TCP/BGP vulnerability - easier than you think
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]