On May 13, 2004, at 1:48 PM, Steven M. Bellovin wrote:
In message <Pine.NEB.4.58.0405122134560.9034@server.duh.org>, Todd Vierling writes:
On Tue, 11 May 2004, David Krause wrote:
: http://www.ietf.org/ietf/IPR/cisco-ipr-draft-ietf-tcpm-tcpsecure.txt
The same document that fully ignores that port number randomness will severely limit the risk of susceptibility to such an attack?
How many zombies would it take to search the port number space exhaustively?
Irrelevant. The limiting factor here is how many packets can make it to the CPU. Using 10K pps as a nice round (and high) figure, a single machine can do that. Also, many of the calculations I've seen assume much higher pps when calculating time to reset a session. Has anyone done a test to see what a Juniper M5/10/whatever and a GSR can actually take without dropping packets due to rate limiting and/or falling over from being packeted?
--
TTFN,
patrick