re: TCP vulnerability
Hi, For those not helped too much the MD5 Signature Option, this i-d addresses the attacks in the Watson paper (it was meant to come out just when the advisory came out, but they jumped the gun). There are implementations in *xes and router OSes - more info from those sources. Allison -------- Forwarded Message A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the TCP Maintenance and Minor Extensions Working Group of the IETF. Title : Transmission Control Protocol security considerations Author(s) : R. Stewart Filename : draft-ietf-tcpm-tcpsecure-00.txt Pages : 10 Date : 2004-4-20 TCP (RFC793 [1]) is widely deployed and one of the most often used reliable end to end protocols for data communication. Yet when it was defined over 20 years ago the internet, as we know it, was a different place lacking many of the threats that are now common. Recently several rather serious threats have been detailed that can pose new methods for both denial of service and possibly data injection by blind attackers. This document details those threats and also proposes some small changes to the way TCP handles inbound segments that either eliminate the threats or at least minimize them to a more acceptable level. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt - --4737358894.1082487684/segue.merit.edu-- ------- End of Forwarded Message
participants (1)
-
Allison Mankin