[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: [IP] more on Experts Report Major Internet Vulnerability
Delivered-To: dfarber+@ux13.sp.cs.cmu.edu Date: Tue, 20 Apr 2004 13:53:43 -0700 From: Richard Willey <richard_willey@symantec.com> Subject: Re: [IP] Experts Report Major Internet Vulnerability To: dave@farber.net Hi Dave This email seems un-necessarily alarmist: The vulnerability in question has to do with reseting TCP connections, NOT computers. The principles behind that attack have been known for years. The main contribution of the author is noting that BGP is particularly vulnerable to this attack based on the long-lived nature of the applications TCP connections. There is a good write-up available at http://www.uniras.gov.uk/vuls/2004/236929/index.htm that documents precisely what is being discussed right here. This writeup also notes some relatively easy work arrounds including (A) Using IPSEC (B) Reducing the size of the TCP Windows Furthermore, the author notes that the TCP MD5 signature option is also an effective worrk arorund. Regards Richard Richard Willey Strategic Marketing Symantec Corporation Office: (408) 517-7740 Interoffice: 6 [408] 7740 Mobile: (408) 410-7112 : Hail Ants ------------------------------------- To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC