Re: ack number in a connection-refused RST

From: David Wagner (daw@mozart.cs.berkeley.edu)
Date: Fri Oct 06 2000 - 17:06:31 EDT


    David S. Miller wrote:
    >Linux should not honor the incorrect sequence number. If the sequence
    >number is incorrect, the RST could legitimately be for another
    >connection.

    How could it be for another connection, if it has source and destination
    port numbers? I thought the sequence number was there to prevent denial
    of service attacks, i.e., to prevent unauthorized third parties from
    tearing down established TCP connections; since third parties will not
    know (or be able to guess) the current 32-bit sequence number, they will
    be unable to forge a valid RST packet. Of course, this argument is still
    valid even if you accept off-by-one errors in the sequence number; the
    attacker still has to guess from a 31-bit space, which is slightly smaller
    than the original 32-bit space but still likely large enough for security.
    What am I missing?
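To make concrete what is being argued about, here is an added example of a RST validator (my own illustration, not code from this thread or from the Linux kernel). It models the two cases in play: a RST answering a connection attempt, where the only thing tying the segment to our connection is its ACK field (RFC 793 requires SEG.ACK in (ISS, SND.NXT], i.e. exactly ISS+1 for a plain SYN), and a RST arriving on an established connection, where the sequence number must match RCV.NXT exactly (the RFC 5961 rule). The `slack` parameter is my addition to model the off-by-one tolerance discussed above; `rst_guess_space` shows how that tolerance changes a blind attacker's search space (2^32 values for an exact check, 2^31 with one value of slack, which is the "31-bit space" in the message). Struct and function names are hypothetical; comparisons use modular arithmetic so sequence-number wraparound is handled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Minimal, hypothetical connection state; variable names follow RFC 793. */
enum tcp_state { TCP_SYN_SENT, TCP_ESTABLISHED };

struct tcp_conn {
    enum tcp_state state;
    uint32_t iss;      /* our initial send sequence number */
    uint32_t snd_nxt;  /* next sequence number we will send (ISS+1 after the SYN) */
    uint32_t rcv_nxt;  /* next sequence number we expect from the peer */
};

struct tcp_seg {
    uint32_t seq;
    uint32_t ack;
    bool rst;
    bool ack_flag;
};

/* Sequence-space comparisons that survive 32-bit wraparound. */
static bool seq_after(uint32_t a, uint32_t b) { return (int32_t)(a - b) > 0; }
static bool seq_leq(uint32_t a, uint32_t b)   { return (int32_t)(a - b) <= 0; }

/* Decide whether an incoming RST may tear down the connection.
 * slack: number of extra sequence values beyond RCV.NXT to accept
 *        (0 = exact match; 1 = tolerate an off-by-one RST). */
bool rst_acceptable(const struct tcp_conn *c, const struct tcp_seg *s, uint32_t slack)
{
    if (!s->rst)
        return false;

    switch (c->state) {
    case TCP_SYN_SENT:
        /* Connection refused: the peer has sent us no sequence number yet, so
         * the RST is bound to our SYN only through its ACK, which must
         * acknowledge exactly the SYN we sent: ISS < SEG.ACK <= SND.NXT. */
        if (!s->ack_flag)
            return false;
        return seq_after(s->ack, c->iss) && seq_leq(s->ack, c->snd_nxt);

    case TCP_ESTABLISHED:
        /* Third parties must guess RCV.NXT; accept only RCV.NXT..RCV.NXT+slack. */
        return (uint32_t)(s->seq - c->rcv_nxt) <= slack;
    }
    return false;
}

/* Size of the space a blind forger must search for an established connection:
 * 2^32 candidate values, of which slack+1 are accepted. */
uint64_t rst_guess_space(uint32_t slack)
{
    return (1ULL << 32) / ((uint64_t)slack + 1);
}

int main(void)
{
    struct tcp_conn est = { TCP_ESTABLISHED, 0, 0, 0xFFFFFFFFu }; /* constructed state */
    struct tcp_seg forged = { 0x12345678u, 0, true, false };      /* attacker's guess */
    struct tcp_seg offby1 = { 0x00000000u, 0, true, false };      /* RCV.NXT+1, wrapped */

    printf("random guess, exact check:   %s\n", rst_acceptable(&est, &forged, 0) ? "accepted" : "rejected");
    printf("off-by-one, exact check:     %s\n", rst_acceptable(&est, &offby1, 0) ? "accepted" : "rejected");
    printf("off-by-one, slack=1:         %s\n", rst_acceptable(&est, &offby1, 1) ? "accepted" : "rejected");
    printf("guess space, exact: 2^%d; slack=1: 2^%d\n",
           __builtin_ctzll(rst_guess_space(0)), __builtin_ctzll(rst_guess_space(1)));
    return 0;
}
```

The point the example makes is the one in the message: widening the accepted set from one value to two halves the forger's expected work but leaves it at about 2^31 guesses, whereas the SYN_SENT case is protected by the ACK field rather than the sequence number, which is why the two fields cannot be checked interchangeably.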



    This archive was generated by hypermail 2b29 : Fri Oct 06 2000 - 17:09:12 EDT