
[IP] more on Experts Report Major Internet Vulnerability




...... Forwarded Message .......
From: Joe Touch <touch@xxxxxxx>
To: Dave Farber <dave@xxxxxxxxxx>
Date: Fri, 21 May 2004 17:03:48 -0700
Subj: Re: [IP] more on Experts Report Major Internet Vulnerability

Hi, Dave,

I got a bit vexed by the lack of information in the IETF's first shot at 
explaining this attack (below), and ended up writing my own version of 
what the problem really is and what the most appropriate solutions might 
be, in case you or IP are interested:

        http://www.ietf.org/internet-drafts/draft-touch-anonsec-00.txt

As with any I-D, this is a draft only, and input is solicited.

Joe

Joe Touch wrote:

> See in particular RFC 2385, a nearly 6-year-old RFC that describes both 
> the attack issues and some ways to secure against it.
> 
> Joe
> 
> ------------------------------------------------------------------------
> Joseph D. Touch                              http://www.isi.edu/touch
> Director, Postel Center
> USC/ISI
> Research Assoc. Prof.
> USC CS and EE-Systems Depts.
> 
> 
> Dave Farber wrote:
> 
>>
>> Delivered-To: dfarber+@xxxxxxxxxxxxxxxxxx
>> Date: Tue, 20 Apr 2004 13:53:43 -0700
>> From: Richard Willey <richard_willey@xxxxxxxxxxxx>
>> Subject: Re: [IP] Experts Report Major Internet Vulnerability
>> To: dave@xxxxxxxxxx
>>
>> Hi Dave
>>
>> This email seems unnecessarily alarmist:  The vulnerability in question
>> has to do with resetting TCP connections, NOT computers.
>> The principles behind that attack have been known for years.  The main
>> contribution of the author is noting that BGP is particularly vulnerable
>> to this attack based on the long-lived nature of the application's TCP
>> connections.
>>
>> There is a good write-up available at
>> http://www.uniras.gov.uk/vuls/2004/236929/index.htm that documents
>> precisely what is being discussed right here.
>> This writeup also notes some relatively easy workarounds including
>>
>> (A) Using IPSEC
>> (B) Reducing the size of the TCP Windows
>>
>> Furthermore, the author notes that the TCP MD5 signature option is
>> also an effective workaround.
>>
>> Regards
>>
>> Richard
>>
>>
>>
>> Richard Willey
>>
>> Strategic Marketing


Archives at: http://www.interesting-people.org/archives/interesting-people/