Revised draft on ICMP attacks
Folks,
I have published a revision of my draft on ICMP attacks against TCP. Some
new stuff you may find interesting is a corner case for the attack against
the PMTUD mechanism, that could allow an attacker to freeze TCP
connections, even those secured by means of IPSec. You can find that stuff
in Section 7.1 of the draft. This revision also addresses some recent
discussions at the TCPM WG mailing-list.
The draft is available at
http://www.gont.com.ar/drafts/draft-gont-tcpm-icmp-attacks-05.txt
(http://www.gont.com.ar/draft/icmp-attacks-against-tcp.html)
Feedback is welcome, noise should go to /dev/null.
--
Fernando Gont
e-mail: fernando@xxxxxxxxxxx || fgont@xxxxxxx