IETF Logo Mail Archive

Re: Summary of responses so far and proposal moving forward[WasRe: [tcpm] Is this a problem?]

Mahesh Jethanandani <mahesh@cisco.com> Mon, 26 November 2007 21:35 UTC

Return-path: <tcpm-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IwlcT-0004Kw-0l; Mon, 26 Nov 2007 16:35:57 -0500
Received: from tcpm by megatron.ietf.org with local (Exim 4.43) id 1IwlcR-0004KT-Pv for tcpm-confirm+ok@megatron.ietf.org; Mon, 26 Nov 2007 16:35:55 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IwlcR-0004KF-Fq for tcpm@ietf.org; Mon, 26 Nov 2007 16:35:55 -0500
Received: from sj-iport-6.cisco.com ([171.71.176.117]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IwlcR-0000HZ-5c for tcpm@ietf.org; Mon, 26 Nov 2007 16:35:55 -0500
Received: from sj-dkim-4.cisco.com ([171.71.179.196]) by sj-iport-6.cisco.com with ESMTP; 26 Nov 2007 13:35:54 -0800
Received: from sj-core-1.cisco.com (sj-core-1.cisco.com [171.71.177.237]) by sj-dkim-4.cisco.com (8.12.11/8.12.11) with ESMTP id lAQLZspq020073; Mon, 26 Nov 2007 13:35:54 -0800
Received: from [171.69.75.93] (dhcp-171-69-75-93.cisco.com [171.69.75.93]) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id lAQLZnus016985; Mon, 26 Nov 2007 21:35:49 GMT
Message-ID: <474B3C35.30207@cisco.com>
Date: Mon, 26 Nov 2007 13:35:49 -0800
From: Mahesh Jethanandani <mahesh@cisco.com>
Organization: Cisco Systems Inc.
User-Agent: Thunderbird 2.0.0.9 (Windows/20071031)
MIME-Version: 1.0
To: Joe Touch <touch@ISI.EDU>
Subject: Re: Summary of responses so far and proposal moving forward[WasRe: [tcpm] Is this a problem?]
References: <20071126161259.29EFA2FC343@lawyers.icir.org> <474AF34B.40805@isi.edu>
In-Reply-To: <474AF34B.40805@isi.edu>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=414; t=1196112954; x=1196976954; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=mahesh@cisco.com; z=From:=20Mahesh=20Jethanandani=20<mahesh@cisco.com> |Subject:=20Re=3A=20Summary=20of=20responses=20so=20far=20and=20proposal= 20moving=20forward[WasRe=3A=0A=20[tcpm]=20Is=20this=20a=20problem?] |Sender:=20; bh=+DsupvZpotajFu7SMJEkt5cvqSs5TIECh4mn1H7tmFY=; b=np4bnkgzlO3wuYbI5pbfCs+WQ0vnj811xyWsFkaBrfO79MTa39nhcN2f+IIh2jLqWzElThsy OfWqUC3Qs7RzAXEIgsAFaW2ueXSdnSDcJqvhVcP/w9+TlPz7ujrjz0El;
Authentication-Results: sj-dkim-4; header.From=mahesh@cisco.com; dkim=pass ( sig from cisco.com/sjdkim4002 verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 08e48e05374109708c00c6208b534009
Cc: tcpm@ietf.org, mallman@icir.org
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Errors-To: tcpm-bounces@ietf.org

Joe Touch wrote:
>
> Note also that DOS attacks would likely not keep TCP connections around
> with zero windows AND continue to ACK - they'd stop ACKing, the
> connection would drop for *that* reason, and be recovered.
Quite the contrary. Our experimentation revealed that DoS attackers 
responded reliably with an ACK to all zero window probes and that 
connections stayed in established state for days.


_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email