
May 19, 2005

Another TCP DoS attack: please, please, make it stop!

Yet another vulnerability in TCP implementations has been published. Like the previous two, this allows a blind attacker to shut down a given TCP connection. As before, this really only affects long-lived protocols like BGP. So, while this could, I suppose, crash the Internet (though there are far easier ways to do so), it's probably not something you personally have to worry about.

Posted by ekr at May 19, 2005 7:37 AM

Comments

Stop it? Well, just add another TCP option which stores a 64-bit cookie that is randomly chosen when the connection is established (similar to something SCTP already does). It's likely that such a change would be widely deployed well before the last of the TCP DoS vulnerabilities has been addressed. 8-)

Posted by: Florian Weimer at May 19, 2005 9:57 AM