Re: [tcpm] Please read
"Murali Bashyam" <mbcoder@gmail.com> Fri, 01 August 2008 19:58 UTC
Return-Path: <tcpm-bounces@ietf.org>
X-Original-To: tcpm-archive@megatron.ietf.org
Delivered-To: ietfarch-tcpm-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 071673A696F; Fri, 1 Aug 2008 12:58:01 -0700 (PDT)
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6C8783A696F for <tcpm@core3.amsl.com>; Fri, 1 Aug 2008 12:57:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6lI4N+Dxa5A6 for <tcpm@core3.amsl.com>; Fri, 1 Aug 2008 12:57:55 -0700 (PDT)
Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.246]) by core3.amsl.com (Postfix) with ESMTP id C34713A6A21 for <tcpm@ietf.org>; Fri, 1 Aug 2008 12:57:54 -0700 (PDT)
Received: by an-out-0708.google.com with SMTP id d18so1355015and.122 for <tcpm@ietf.org>; Fri, 01 Aug 2008 12:58:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type:references; bh=5oL1t8nOkhcoQBozwyZoILe1us80fVl5xeb66gLmJo8=; b=pp88fuUTaDbRPTC7kHo/ToyqfQfprAyEdXlNWn+niaAPnSLAv1IY4pBcLq2yKJuFhI eeeZuLR3Hb8Lg2gNqrZ0OHqmESVgPkTpsejSOMGVtnMqzYTDgXItGfMdgppew8hDeKAY 5uGXMT7/hF1W74O1zJTqCWgtEwf99xU9pXr1s=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:references; b=ECkWnYAFUCyf16yLCfWDgAKQmoH7EgYb5SATdYh4qlmm6rbCqjBwQvQ0Zo6xEU4+/q Vc7CZjyk5pm8v27E3zyyKsuC2YZzE5+D6ZY8RtuupIOF2t5J4jhJ+4Y3tTyu8Nmomktk tZrxJcJbJW1TtUMyKyL2/z8yqnhQRLWBpBWVg=
Received: by 10.100.216.12 with SMTP id o12mr17201867ang.117.1217620694367; Fri, 01 Aug 2008 12:58:14 -0700 (PDT)
Received: by 10.100.216.13 with HTTP; Fri, 1 Aug 2008 12:58:14 -0700 (PDT)
Message-ID: <9c8209a10808011258n1f87ce9nc7de3dfce6f98acf@mail.gmail.com>
Date: Fri, 01 Aug 2008 12:58:14 -0700
From: Murali Bashyam <mbcoder@gmail.com>
To: Stefanos Harhalakis <v13@v13.gr>
In-Reply-To: <200808011247.26976.v13@v13.gr>
MIME-Version: 1.0
References: <4891FB44.50704@cisco.com> <78C9135A3D2ECE4B8162EBDCE82CAD7704041514@nekter> <200808011247.26976.v13@v13.gr>
Cc: tcpm@ietf.org, Caitlin Bestler <Caitlin.Bestler@neterion.com>
Subject: Re: [tcpm] Please read
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0566901646=="
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org
On Fri, Aug 1, 2008 at 2:47 AM, Stefanos Harhalakis <v13@v13.gr> wrote: > On Thursday 31 July 2008, Caitlin Bestler wrote: > > Is an RFC really needed? > > > > I've always assumed that the application layer MAY > > do pretty much whatever it wants. Further application > > layer servers SHOULD protect their own resources against > > abusive clients. Those protection mechanisms MAY include > > terminating connections. > > > > All of that is true independent of any specific method > > of abusing server resources. > > Since this is an OS issue that will affect all running applications and it > is > impossible to ensure that all TCP-listening applications won't be > exploitable, I believe it is best to take some (customizable) measures at > the > OS side too (if understand correctly, that's what the resource management > entity, even if it is implemented as a user-space part). Of course any > application is able to enforce stricter rules. The resource management entity can be part of TCP or it can be in the OS/application and do its work based on feedback from TCP. > > Apart from that, I believe that the problem is not well defined. I don't > exactly understand what differentiates a zero sized window with a one-byte > window, etc... Transferring a 1MB file with 1-byte window is essentially > the > same (no?). It is also almost the same as never acking the last data > segment > and sending dup-acks for the previous for some time, or just acking 1 byte > every N retransmits, etc... Where exactly do you draw the line? There are solutions for those scenarios, UTO based. UTO doesn't kick in when the peer is offering zero window. The attempt in this draft is to *enable* alternatives to the TCP sender side by clarifying the 1122 verbiage and allowing resource management approaches, UTO based approaches to handle this condition etc. > > > Taking a broader look, since TCP's fundamental assumption is that the > remote > end is trustworthy, perhaps it is better to look at this and other TCP > attack > methods as a resource allocation problem and handle it as such. Most of the > time there won't be such an issue but in cases of an attack, there can be > algorithms that "evenly" allocate the shared resource (like available > sockets > or available buffer space). Also, to my knowledge there are cases where it > is > impossible to distinguish between legitimate behavior and malicious > behavior. > Most probably, taking at look at the shared resource approach will solve > this > and perhaps other future problems too that can be caused by attacks or > legitimate remote-ends. At the end, we may only need to point to that > problem > and indicate what a good policy is made of. That's the attempt here, to highlight the implications of this condition and possible solutions (to be posted in the second draft and in the combined draft earlier). The solutions are general enough to extend to the other scenarios you are describing. > > Nonce? > > p.s. I'll be away from keyboard for the next two weeks (starting tomorrow) > so > please excuse any delayed replies. > _______________________________________________ > tcpm mailing list > tcpm@ietf.org > https://www.ietf.org/mailman/listinfo/tcpm > -- Rgds, Murali Bashyam (c) (510)6736915 ----------------------------- CONFIDENTIAL -------------------- ***************************************************** This telecommunication and any data attached to, or included in it is considered confidential, and is intended only for use by the named recipient. The contents may be legally protected as any one or more of: copyrighted material, trade-secret protected material, attorney-client privileged material, attorney workproduct, or as material covered by any other legally available means. If you received this material in error, please notify the sender and destroy the original and all copies, whether electronic or otherwise. Thank you. ***************************************************** ------------------------------ CONFIDENTIAL --------------------
_______________________________________________ tcpm mailing list tcpm@ietf.org https://www.ietf.org/mailman/listinfo/tcpm
- [tcpm] Please read Mahesh Jethanandani
- Re: [tcpm] Please read Joe Touch
- Re: [tcpm] Please read Caitlin Bestler
- Re: [tcpm] Please read Stefanos Harhalakis
- Re: [tcpm] Please read Matt Mathis
- Re: [tcpm] Please read Murali Bashyam
- Re: [tcpm] Persist condition clarification draft,… Mahesh Jethanandani