recently, a few of us came up with a novel (or so we thought) DoS attack
against TCP.  We spent some time implementing and testing it and found it
to work worryingly well.

It turns out that we are not the first to come across this attack.  Rob
Sherwood and colleagues in Maryland were a year or two ahead of us.  They
have published a paper entitled "Misbehaving TCP Receivers Can Cause
Internet-Wide Congestion Collapse".


Linux appears not to have implemented any fix for this vulnerability,
although Rob Sherwood wrote a patch against 2.4.24.


There seems to be a brief mention of it on the fedora-security list but I
can't find much discussion of it in linux circles otherwise.


Is there some reason that this fix was not accepted or has this just
slipped under people's radars?  Should some fix not be implemented?  The
issue seems even more severe with the larger buffer sizes now in use.


To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to