<<< Date Index >>>     <<< Thread Index >>>

Re: ICMP vulnerabilities



> >
> > Please read the article.  My take on this is that there are people
> > who don't want to fix this.
> >
> 
> This isn't news news, I've been tinkering with something along these
> lines since 1999:
> 

        Well, your article is your ponderings of how tcp work, and brat.c
does nothing like an MTU attack, it simply floods someone's bgp port,
whoopee, buy your bot-net and go to town. - That's not what the
article is about.  What fernando is talking about is not a flood which
requires a worm or something to grab enough bandwidth to attack
people, it's a blind attack which someone with idsn level connectivity
alone can probably send enough packets to make it work. 

        More importantly, the article is talking about FIXES for these
issues, rather than just wanking about it. It also seems to notice
that the corporate shills who have taken over the IETF are going out
of their way to ensure that things don't change in the standards, so
that their respective companies won't have to implement expensive
fixes that will cost them a lot of money to get to their customers.
This and combined with the aggressive tactics of companies like Cisco
who appeared to attempt to shut someone up who comes to the IETF with
an issue by threatening frivoulous legal action by claiming to patent
their work after the fact. 

        I find the whole story of how the IETF and the large companies
involved handling this very disturbing, although perhaps not surprising. 

        -Bob