North American Network Operators Group


Re: TCP RST attack (the cause of all that MD5-o-rama)

  • From: Iljitsch van Beijnum
  • Date: Tue Apr 20 18:47:03 2004

On 20-apr-04, at 23:45, vijay gill wrote:

> The correct workaround is the
> http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt
> draft. MD5 is also the correct workaround. However, neither of the
> two protects against what is the most vulnerable thing in the internet
> infrastructure today - a large amount of PPS at the _router_ (with or
> without md5 or tcpsecure) will blow it out of the water.

So all we have to do is apply strong crypto a bit smarter, such that we only burn CPU cycles for good packets rather than for all packets.
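
One possible reading of "only burn CPU cycles for good packets", as an added example that is not part of the original post or of any router implementation: run the cheap tests (configured peer, sequence number inside the receive window) before computing the MD5 digest. The `Session` class, the function names, the window size, the addresses and the key are constructed for illustration, and `digest` is a simplified stand-in for the real TCP MD5 computation.

```python
import hashlib
import hmac
from collections import Counter

WINDOW = 16384          # assumed receive window, in bytes
SEQ_SPACE = 2 ** 32

class Session:
    def __init__(self, peer, key, rcv_nxt):
        self.peer = peer        # expected (src_ip, src_port, dst_ip, dst_port)
        self.key = key          # shared secret configured for this peer
        self.rcv_nxt = rcv_nxt  # next sequence number expected
        self.md5_runs = 0       # how many times we paid for a digest

def digest(key, four_tuple, seq, payload):
    # Simplified stand-in for the TCP MD5 option digest: the real one
    # (RFC 2385) covers the pseudo-header, TCP header, data and key.
    h = hashlib.md5()
    h.update(repr(four_tuple).encode() + seq.to_bytes(4, "big") + payload + key)
    return h.digest()

def check_segment(sess, four_tuple, seq, payload, mac):
    # Cheap checks first: a tuple compare and a modular subtraction.
    if four_tuple != sess.peer:
        return "drop:unknown-peer"
    if (seq - sess.rcv_nxt) % SEQ_SPACE >= WINDOW:
        return "drop:out-of-window"
    # Only segments that could affect the session reach the expensive step.
    sess.md5_runs += 1
    if not hmac.compare_digest(digest(sess.key, four_tuple, seq, payload), mac):
        return "drop:bad-digest"
    return "accept"

def run_demo():
    peer = ("192.0.2.1", 179, "192.0.2.2", 40000)   # constructed addresses
    sess = Session(peer, b"constructed-key", rcv_nxt=1_000_000)
    junk = b"\x00" * 16
    # Constructed input: 10,000 spoofed segments spread across sequence space,
    segments = [(peer, i * 429_497, b"", junk) for i in range(10_000)]
    # one from an unconfigured peer, one in-window forgery, one genuine segment.
    segments.append((("198.51.100.9", 179, "192.0.2.2", 40000), 1_000_000, b"", junk))
    segments.append((peer, 1_000_005, b"", junk))
    segments.append((peer, 1_000_000, b"hi", digest(sess.key, peer, 1_000_000, b"hi")))
    outcomes = Counter(check_segment(sess, *s) for s in segments)
    return outcomes, sess.md5_runs

if __name__ == "__main__":
    print(run_demo())
```

Every segment still costs a lookup and a comparison, so this ordering limits digest work and does not address the raw packet rate raised in the quoted message.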