IETF Logo Mail Archive

Re: [tcpm] DoS attack from misbehaving receivers

Joe Touch <touch@ISI.EDU> Thu, 11 January 2007 21:29 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1H57U6-0001TM-By; Thu, 11 Jan 2007 16:29:18 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1H57U4-0001Qd-Vj for tcpm@ietf.org; Thu, 11 Jan 2007 16:29:16 -0500
Received: from vapor.isi.edu ([128.9.64.64]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1H57U3-0008RY-FZ for tcpm@ietf.org; Thu, 11 Jan 2007 16:29:16 -0500
Received: from [127.0.0.1] ([128.9.176.75]) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id l0BLSe77021307; Thu, 11 Jan 2007 13:28:43 -0800 (PST)
Message-ID: <45A6AC06.2030402@isi.edu>
Date: Thu, 11 Jan 2007 13:28:38 -0800
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird 1.5.0.9 (Windows/20061207)
MIME-Version: 1.0
To: Caitlin Bestler <caitlinb@broadcom.com>
Subject: Re: [tcpm] DoS attack from misbehaving receivers
References: <54AD0F12E08D1541B826BE97C98F99F1EE6E4E@NT-SJCA-0751.brcm.ad.broadcom.com>
In-Reply-To: <54AD0F12E08D1541B826BE97C98F99F1EE6E4E@NT-SJCA-0751.brcm.ad.broadcom.com>
X-Enigmail-Version: 0.94.0.0
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0ddefe323dd869ab027dbfff7eff0465
Cc: david.malone@nuim.ie, tcpm@ietf.org
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0587280065=="
Errors-To: tcpm-bounces@ietf.org


Caitlin Bestler wrote:
> Rob Sherwood wrote:
>> I guess I should probably jump in here somewhere :-)
>>
>> On Thu, Jan 11, 2007 at 12:00:59PM -0800, Caitlin Bestler wrote:
>>> The proposed test for a non-compliant receiver would seem to require
>>> that the sender be non-compliant itself.
>> I'm not sure I understand this comment.  Part of the utility
>> of the solution is that unmodified receivers can communicate
>> with senders that randomly skip segments, because segment
>> reordering and dropping is already handled by TCP.
> 
> Having the sender skip segments will indeed detect a non-compliant
> receiver that acks segments that were never sent. But sending
> non-contiguous TCP segments is itself not compliant.

Technically, that's equivalent to losing or reordering segments. As long
as you can't tell the difference from the receiver's point of view, why
is this not compliant?

Joe
-- 
----------------------------------------
Joe Touch
Sr. Network Engineer, USAF TSAT Space Segment


_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email