Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat-02
John Kristoff <jtk@depaul.edu> Thu, 27 March 2008 22:14 UTC
Return-Path: <tcpm-bounces@ietf.org>
X-Original-To: ietfarch-tcpm-archive@core3.amsl.com
Delivered-To: ietfarch-tcpm-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C38EE28C95A; Thu, 27 Mar 2008 15:14:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.797
X-Spam-Level:
X-Spam-Status: No, score=-100.797 tagged_above=-999 required=5 tests=[AWL=-0.360, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7wvdx62rgETD; Thu, 27 Mar 2008 15:14:11 -0700 (PDT)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E1D3828C932; Thu, 27 Mar 2008 15:14:11 -0700 (PDT)
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6D8D028C705 for <tcpm@core3.amsl.com>; Thu, 27 Mar 2008 15:14:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MPUZgScJUu8F for <tcpm@core3.amsl.com>; Thu, 27 Mar 2008 15:14:10 -0700 (PDT)
Received: from smtp1.is.depaul.edu (smtp1.is.depaul.edu [140.192.20.72]) by core3.amsl.com (Postfix) with ESMTP id 90E4028C7D2 for <tcpm@ietf.org>; Thu, 27 Mar 2008 15:14:10 -0700 (PDT)
Received: from condor.depaul.edu (condor.depaul.edu [140.192.1.6]) by smtp1.is.depaul.edu (Postfix) with ESMTP id 7C1003B4F1 for <tcpm@ietf.org>; Thu, 27 Mar 2008 17:11:50 -0500 (CDT)
Received: from jtk.local (localhost [127.0.0.1]) by condor.depaul.edu (Postfix) with SMTP id 1AC133B8 for <tcpm@ietf.org>; Thu, 27 Mar 2008 17:11:48 -0500 (CDT)
Date: Thu, 27 Mar 2008 17:11:47 -0500
From: John Kristoff <jtk@depaul.edu>
To: tcpm@ietf.org
In-Reply-To: <200803272328.54956.v13@v13.gr>
References: <200803260029.33658.v13@v13.gr> <200803271708.m2RH88ic024800@venus.xmundo.net> <200803272328.54956.v13@v13.gr>
X-Mailer: Sylpheed version 2.2.2 (GTK+ 2.8.12; i386-apple-darwin8.5.2)
Mime-Version: 1.0
Message-Id: <20080327221148.1AC133B8@condor.depaul.edu>
Subject: Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat-02
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org
On Thu, 27 Mar 2008 23:28:54 +0200 Stefanos Harhalakis <v13@v13.gr> wrote: > Thank you for the information. It was very helpfull. After thinking it a lot, > I decided to first disclose it in the form of a paper which should further > alert vendors and security organizations (I'll contact them when it is ready) > but it won't be used by script-kiddies reading the bugtraq. I believe that > this is the best approach (tm) right now and that it won't do any harm. From an operational perspective my personal opinion is that this is probably the best approach at this time. Releasing code is likely going to result in two things, pain for some and public notoriety for you. Sounds like your ego is already well intact. Thats good. :-) Perhaps you or a designated colleague would be willing to give a lightning talk and expose the attack(s) to a forum such as USENIX, RIPE or NANOG to help raise awareness? A few well formed graphs showing real-world results might get some influential operators and implementors to put mitigation higher on the priority list? John _______________________________________________ tcpm mailing list tcpm@ietf.org https://www.ietf.org/mailman/listinfo/tcpm
- [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat-02 Stefanos Harhalakis
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Rob Sherwood
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Bob Briscoe
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Pekka Savola
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Rob Sherwood
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Caitlin Bestler
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Anantha Ramaiah (ananth)
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Jakob Heitz
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Rob Sherwood
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… David Malone
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Rob Sherwood
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Stefanos Harhalakis
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Fernando Gont
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Stefanos Harhalakis
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… John Kristoff
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Caitlin Bestler
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Bob Briscoe
- Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat… Rob Sherwood