[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: tcp vulnerability
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: tcp vulnerability
- From: Henning Brauer <lists-openbsd_(_at_)_bsws_(_dot_)_de>
- Date: Wed, 21 Apr 2004 01:39:45 -0700
- Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
* Darren Reed <avalon_(_at_)_caligula_(_dot_)_anu_(_dot_)_edu_(_dot_)_au> [2004-04-21 01:18]:
> In some mail from Henning Brauer, sie said:
> > I'd like to point out that OpenBSD running bgpd(8) as shipping with
> > 3.5 is not affected...
> What you mean to say, surely, is that OpenBSD and bgpd(8) supports
> TCP-MD5, so where it talks to another end that has been configured
> for TCP-MD5 in a matching configuration (i.e another bgpd(8) running
> on OpenBSD 3.5), there vulnerability is negligible.
no, you are talking crap.
for first, tcp md5 works perfectly against any other rfc compliant
imlementation. In fact I wrote it using a session to a cisco 7200.
second, even without tcp md5, bgpd on OpenBSD is not affected, because:
-we use random emphereal ports
-we do not use insanely hughe window sizes as cisco does
-we require the RST sequence number to be right on the edge of the window
http://2suck.net/hhwl.html - http://www.bsws.de/
Unix is very simple, but it takes a genius to understand the simplicity.