From: Florian Weimer <fw@deneb.enyo.de>
To: Andre Tomt <andre@tomt.net>
Cc: linux-kernel@vger.kernel.org, "David S. Miller" <davem@redhat.com>
Subject: Re: TCP-RST Vulnerability - Doubt
Date: Mon, 28 Jun 2004 21:18:48 +0200 [thread overview]
Message-ID: <87zn6njxt3.fsf@deneb.enyo.de> (raw)
In-Reply-To: <40DCDDF4.7030509@tomt.net> (Andre Tomt's message of "Sat, 26 Jun 2004 04:22:44 +0200")
* Andre Tomt:
> I have not seen anything conclusive on this yet. How sensitive is
> Linux to the attack?
The original RST-based attack was against a mixed Cisco/Linux+Quagga
environment, IIRC. This combination is especially vulnerable if the
BGP connection is established in the right direction.
However, nobody has probably bothered to replicate that attack in the
lab. As published, the attack just doesn't work against Cisco/Cisco
peerings. Unfortunately, there is another that *might* actually work,
that's why there was so much fuss about it.
If you have some window checking bugs (like the BSDs had), it can be
quite worse, of course. But such issues are usually way overrated.
Most DoS potential remains unexploited anyway, and I don't think the
disruption from people frantically enabling the TCP MD5 option payed
off in the end.
next prev parent reply other threads:[~2004-06-28 19:18 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-06-25 21:20 TCP-RST Vulnerability - Doubt saiprathap
2004-06-25 22:05 ` David S. Miller
2004-06-26 2:22 ` Andre Tomt
2004-06-28 19:18 ` Florian Weimer [this message]
2004-06-28 13:22 ` Miquel van Smoorenburg
2004-06-28 14:49 ` Chris Wedgwood
2004-06-28 18:34 ` Florian Weimer
2004-06-28 18:37 ` Willy Tarreau
2004-06-28 19:26 ` Florian Weimer
2004-06-29 20:03 ` Valdis.Kletnieks
2004-06-29 21:22 ` Florian Weimer
2004-06-29 21:45 ` Valdis.Kletnieks
2004-06-29 2:34 ` Daniel Roesen
2004-06-29 21:28 ` Florian Weimer
2004-06-29 2:34 ` Lincoln Dale
2004-06-29 21:27 ` Florian Weimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87zn6njxt3.fsf@deneb.enyo.de \
--to=fw@deneb.enyo.de \
--cc=andre@tomt.net \
--cc=davem@redhat.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox