From: Thomas Graf <tgraf@suug.ch>
To: Willy Tarreau <willy@w.ods.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
davem@davemloft.net, xschmi00@stud.feec.vutbr.cz,
alastair@unixtrix.com, linux-kernel@vger.kernel.org,
netdev@oss.sgi.com
Subject: Re: [PATCH] fix small DoS on connect() (was Re: BUG: Unusual TCP Connect() results.)
Date: Sun, 12 Jun 2005 16:44:26 +0200 [thread overview]
Message-ID: <20050612144426.GC22463@postel.suug.ch> (raw)
In-Reply-To: <20050612133654.GA8951@alpha.home.local>
* Willy Tarreau <20050612133654.GA8951@alpha.home.local> 2005-06-12 15:36
> > The RST packet is sent by client A using its sequence numbers. Therefore
> > it will pass the sequence number check on server B.
> >
> > 4) server B resets the connection.
>
> No, precisely the RST sent by A will take its SEQ from C's ACK number.
> This is why B will *not* reset the connection (again, tested) if C's ACK
> was not within B's window.
Absolutely but it relies on the other stack being correctly implemented.
The attack would work perfectly fine if there wasn't the rule that a RST
must not be sent in response to another RST. The attack has been
successful and still is because some firewalls are configured to send
RSTs without respecting this rule.
I like your patch and the idea behind it, it can successfully defeat the
most simple method of preventing connections being established.
next prev parent reply other threads:[~2005-06-12 14:44 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-09 20:51 BUG: Unusual TCP Connect() results Alastair Poole
2005-06-10 2:23 ` [OT] " Kyle Moffett
2005-06-10 13:24 ` Alastair Poole
2005-06-10 15:28 ` Michal Schmidt
2005-06-10 16:55 ` Alastair Poole
2005-06-10 16:06 ` Michal Schmidt
2005-06-10 22:26 ` Willy TARREAU
2005-06-10 22:38 ` Willy Tarreau
2005-06-10 22:42 ` David S. Miller
2005-06-11 6:24 ` Willy TARREAU
[not found] ` <20050611074350.GD28759@alpha.home.local>
2005-06-11 19:32 ` [PATCH] fix small DoS on connect() (was Re: BUG: Unusual TCP Connect() results.) Herbert Xu
2005-06-11 19:51 ` Willy Tarreau
2005-06-12 8:13 ` Herbert Xu
2005-06-12 8:34 ` Willy Tarreau
2005-06-12 10:30 ` Herbert Xu
2005-06-12 11:40 ` Willy Tarreau
2005-06-12 12:06 ` Herbert Xu
2005-06-12 12:22 ` Thomas Graf
2005-06-12 13:16 ` Herbert Xu
2005-06-12 12:32 ` Willy Tarreau
2005-06-12 13:13 ` Herbert Xu
2005-06-12 13:33 ` Herbert Xu
2005-06-12 13:47 ` Willy Tarreau
2005-06-12 13:50 ` Herbert Xu
2005-06-12 14:24 ` Willy Tarreau
2005-06-13 4:48 ` Herbert Xu
2005-06-13 5:21 ` Willy Tarreau
2005-06-13 5:24 ` Herbert Xu
2005-06-13 6:17 ` Willy Tarreau
2005-06-13 7:45 ` Herbert Xu
2005-06-13 8:10 ` Willy Tarreau
2005-06-13 20:57 ` [PATCH] fix small DoS on connect() David S. Miller
2005-06-12 13:36 ` [PATCH] fix small DoS on connect() (was Re: BUG: Unusual TCP Connect() results.) Willy Tarreau
2005-06-12 14:44 ` Thomas Graf [this message]
2005-06-12 15:02 ` Willy Tarreau
2005-06-12 17:10 ` Denis Vlasenko
2005-06-12 17:36 ` Willy Tarreau
2005-06-12 17:47 ` Denis Vlasenko
2005-06-12 18:14 ` Willy Tarreau
2005-06-13 2:04 ` Valdis.Kletnieks
2005-06-11 15:34 ` BUG: Unusual TCP Connect() results Alastair Poole
2005-06-11 14:38 ` Willy Tarreau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050612144426.GC22463@postel.suug.ch \
--to=tgraf@suug.ch \
--cc=alastair@unixtrix.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@oss.sgi.com \
--cc=willy@w.ods.org \
--cc=xschmi00@stud.feec.vutbr.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox