In message <[EMAIL PROTECTED]>, Matt Mathis writes:
>Please note the attached Internet draft announcement. It describes an extended
>TCP MIB, designed to provide a direct way to query TCP connections to diagnose
>performance problems.
>
>I hope to introduce this as a work item for tsvwg. The complication is
>that RFC2012 is already under revision by ipngwg, mostly to update the
>connection table to support IPv6 addresses. See:
>http://www.ietf.org/internet-drafts/draft-ietf-ipngwg-rfc2012-update-01.txt
>
>I expect that most of the discussion at the IETF will be about process.

I don't speak MIB particularly well, but I think that the Security
Considerations section needs to be expanded. In particular, there are
more entries that need to be read-protected as well, most notably
tcpEStatsDataSndNxt -- if I know that and know (or can guess) the
connection 4-tuple, I can hijack the connection.
--Steve Bellovin, http://www.research.att.com/~smb
Full text of "Firewalls" book now at http://www.wilyhacker.com
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
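
An added illustration, not part of the original message: the reply's concern about a readable tcpEStatsDataSndNxt rests on the receiver's sequence-number acceptability test from RFC 793, sketched here to show why the value needs read protection. The function names and all sample numbers are constructed for this example.

```python
# Added example: the RFC 793 (section 3.3) segment acceptability test,
# evaluated in 32-bit sequence space. All values below are constructed.
MOD = 2**32

def in_window(seq, rcv_nxt, rcv_wnd):
    """True if rcv_nxt <= seq < rcv_nxt + rcv_wnd, modulo 2**32."""
    return (seq - rcv_nxt) % MOD < rcv_wnd

def acceptable(seg_seq, seg_len, rcv_nxt, rcv_wnd):
    """The four cases of the receiver's test for an incoming segment."""
    if seg_len == 0:
        if rcv_wnd == 0:
            return seg_seq == rcv_nxt
        return in_window(seg_seq, rcv_nxt, rcv_wnd)
    if rcv_wnd == 0:
        return False  # data never fits in a zero window
    last = (seg_seq + seg_len - 1) % MOD
    return (in_window(seg_seq, rcv_nxt, rcv_wnd)
            or in_window(last, rcv_nxt, rcv_wnd))

def blind_acceptance_fraction(rcv_wnd):
    """Share of the sequence space that passes the test when the sender's
    sequence number is unknown; this is the margin secrecy provides."""
    return rcv_wnd / MOD

def exposure_report(snd_nxt, rcv_nxt, rcv_wnd, guess):
    """Compare a segment numbered from the sender's SND.NXT (the quantity a
    readable tcpEStatsDataSndNxt would disclose) with an uninformed guess."""
    return {
        "segment_at_snd_nxt_accepted": acceptable(snd_nxt, 0, rcv_nxt, rcv_wnd),
        "uninformed_guess_accepted": acceptable(guess, 0, rcv_nxt, rcv_wnd),
        "blind_fraction": blind_acceptance_fraction(rcv_wnd),
    }

if __name__ == "__main__":
    # Constructed connection state: receiver expects 0xFFFFFF00, advertises a
    # 16 KiB window, and the sender has 0x200 bytes in flight (wraps past 2**32).
    rcv_nxt, rcv_wnd = 0xFFFFFF00, 0x4000
    snd_nxt = (rcv_nxt + 0x200) % MOD
    for key, value in exposure_report(snd_nxt, rcv_nxt, rcv_wnd, 0x12345678).items():
        print(f"{key}: {value}")
```

With these constructed values only about 1 in 262,144 sequence numbers passes the test blindly, while the disclosed value always does, which is why the object belongs among the read-protected entries.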