David S. Miller wrote:
>Linux should not honor the incorrect sequence number. If the sequence
>number is incorrect, the RST could legitimately be for another
>connection.
How could it be for another connection, if it has source and destination
port numbers? I thought the sequence number was there to prevent denial
of service attacks, i.e., to prevent unauthorized third parties from
tearing down established TCP connections; since third parties will not
know (or be able to guess) the current 32-bit sequence number, they will
be unable to forge a valid RST packet. Of course, this argument is still
valid even if you accept off-by-one errors in the sequence number; the
attacker still has to guess from a 31-bit space, which is slightly smaller
than the original 32-bit space but still likely large enough for security.
What am I missing?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/
