[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: tcp vulnerability



* Darren Reed <avalon_(_at_)_caligula_(_dot_)_anu_(_dot_)_edu_(_dot_)_au> [2004-04-21 01:18]:
> In some mail from Henning Brauer, sie said:
> > 
> > I'd like to point out that OpenBSD running bgpd(8) as shipping with 
> > 3.5 is not affected...
> 
> What you mean to say, surely, is that OpenBSD and bgpd(8) supports
> TCP-MD5, so where it talks to another end that has been configured
> for TCP-MD5 in a matching configuration (i.e another bgpd(8) running
> on OpenBSD 3.5), there vulnerability is negligible.

no, you are talking crap.

for first, tcp md5 works perfectly against any other rfc compliant 
imlementation. In fact I wrote it using a session to a cisco 7200.

second, even without tcp md5, bgpd on OpenBSD is not affected, because:
-we use random emphereal ports
-we do not use insanely hughe window sizes as cisco does
-we require the RST sequence number to be right on the edge of the window

-- 
http://2suck.net/hhwl.html - http://www.bsws.de/
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)



Visit your host, monkey.org