+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]On Wed, Oct 01, 2008 at 03:58:22PM +0200, Claudio Jeker wrote:
| On Wed, Oct 01, 2008 at 03:31:00PM +0200, Stephan A. Rickauer wrote:
| > On Wed, 2008-10-01 at 14:52 +0200, Leon Dippenaar wrote:
| > > Hi there,
| > >
| > > is there any weight to this new story on slashdot
| > > http://it.slashdot.org/it/08/10/01/0127245.shtml
| > >
| > > about a new attacker possible to break any tcp stack? Sounds rather
| > > shady, so here I am, perhaps you guys have your ears closer to the
ground
| >
| > A little bit less vage info can be found here
| >
| > http://tinyurl.com/3hv3kf
| >
|
| This article is mostly about exploiting SYN cookies to bring servers into
| resource starvation. OpenBSD does not implement SYN cookies. We have a SYN
| cache with a upper limit of open handshakes. Together with random initial
| sequence numbers it is hard to finish the 3-way handshake without getting
| the SYN/ACK from the server on OpenBSD systems.So far, I've heard about issues with TCP *after* a session has been
established (ie, after the 3-way handshake). Somehow exploiting TCP
state timers to affect badness (DoS), maybe.I agree with Claudio that very little is public so far (I don't eat
cereals, but I believe the same is true for my jar of peanutbutter).For now, it's all *extremely* vague.
Cheers,
Paul 'WEiRD' de Weerd
--
[demime 1.01d removed an attachment of type application/pgp-signature]
| Greg Kroah-Hartman | [PATCH 005/196] Chinese: add translation of SubmittingDrivers |
| Christian Kujau | 2.6.20.4: NETDEV WATCHDOG and lockups |
| Tarkan Erimer | Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3 |
| Jack Steiner | Re: [patch] my mmu notifiers |
git: | |
| Gerrit Renker | [PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side) |
| Arjan van de Ven | Re: [GIT]: Networking |
| Jarek Poplawski | [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock(). |
| Jens Axboe | Re: [BUG] New Kernel Bugs |
| YAMAMOTO Takashi | removing VOPs |
| Lennart Augustsson | Re: FreeBSD 5/6/7 kernel emulator for NetBSD 2.x |
| Daniel Carosone | Re: direct I/O |
| Brian Buhrow | Re: /sbin/reboot and secmodel |
