IETF Logo Mail Archive

Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat-02

Bob Briscoe <rbriscoe@jungle.bt.co.uk> Wed, 26 March 2008 14:42 UTC

Return-Path: <tcpm-bounces@ietf.org>
X-Original-To: ietfarch-tcpm-archive@core3.amsl.com
Delivered-To: ietfarch-tcpm-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7985328C5BB; Wed, 26 Mar 2008 07:42:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.148
X-Spam-Level:
X-Spam-Status: No, score=-100.148 tagged_above=-999 required=5 tests=[AWL=-0.311, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, J_CHICKENPOX_57=0.6, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2GYRU-MzCGoT; Wed, 26 Mar 2008 07:42:04 -0700 (PDT)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1A65428C275; Wed, 26 Mar 2008 07:42:00 -0700 (PDT)
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B7ACF28C5DB for <tcpm@core3.amsl.com>; Wed, 26 Mar 2008 07:41:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 89fC7l+7NO6F for <tcpm@core3.amsl.com>; Wed, 26 Mar 2008 07:41:51 -0700 (PDT)
Received: from smtp2.smtp.bt.com (smtp2.smtp.bt.com [217.32.164.150]) by core3.amsl.com (Postfix) with ESMTP id 7AFEA3A6882 for <tcpm@ietf.org>; Wed, 26 Mar 2008 07:41:07 -0700 (PDT)
Received: from i2kc08-ukbr.domain1.systemhost.net ([193.113.197.71]) by smtp2.smtp.bt.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 26 Mar 2008 14:38:46 +0000
Received: from cbibipnt08.iuser.iroot.adidom.com ([147.149.100.81]) by i2kc08-ukbr.domain1.systemhost.net with Microsoft SMTPSVC(6.0.3790.1830); Wed, 26 Mar 2008 14:38:46 +0000
Received: From bagheera.jungle.bt.co.uk ([132.146.168.158]) by cbibipnt08.iuser.iroot.adidom.com (WebShield SMTP v4.5 MR1a P0803.399); id 1206542326769; Wed, 26 Mar 2008 14:38:46 +0000
Received: from mut.jungle.bt.co.uk ([10.215.130.87]) by bagheera.jungle.bt.co.uk (8.13.5/8.12.8) with ESMTP id m2QEchkI001007; Wed, 26 Mar 2008 14:38:45 GMT
Message-Id: <200803261438.m2QEchkI001007@bagheera.jungle.bt.co.uk>
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Wed, 26 Mar 2008 14:38:53 +0000
To: Stefanos Harhalakis <v13@v13.gr>
From: Bob Briscoe <rbriscoe@jungle.bt.co.uk>
In-Reply-To: <20080326042515.GD24842@cs.umd.edu>
References: <200803260029.33658.v13@v13.gr> <20080326042515.GD24842@cs.umd.edu>
Mime-Version: 1.0
X-Scanned-By: MIMEDefang 2.56 on 132.146.168.158
X-OriginalArrivalTime: 26 Mar 2008 14:38:46.0645 (UTC) FILETIME=[191B0A50:01C88F4F]
Cc: tcpm@ietf.org
Subject: Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat-02
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org

Stefanos,

I'd tend to agree with ROb - publication is unlikely to get the 
solution out there any quicker.

If you're willing, you can always make the code available but require 
the downloader to contact you personally for a copy. Not ideal, but a 
decent compromise.


BOb

At 04:25 26/03/2008, Rob Sherwood wrote:
>On Wed, Mar 26, 2008 at 12:29:33AM +0200, Stefanos Harhalakis wrote:
> > Hello there,
> >
> > While experimenting I've written a (small) python program that 
> utilizes the
> > TCP weakness that is addressed in 
> draft-moncaster-tcpm-rcv-cheat-02 (which I
> > discovered latter). Using it, I was able to make an (under my 
> control) HTTP
> > server generate a constant 5-minute (until I interrupted it) 
> 900Mbps traffic
> > over the Internet using just a DSL line. Theoretically it could 
> also be done
> > using a 64Kbps ISDN line, it is 100% reproduceable and it can be 
> used on many
> > web servers with fast internet connections.
> >
> > I'm considering wether I should make this (small) tool public or not.
>
>As a data point, I have choosen not to publish the PoC code I created
>for this attack ("TCP Receivers Can Cause Internet-Wide Congestion
>Collapse" CCS 2005).  While I am a strong proponent of full disclosure,
>I don't think releasing the code will speed the acceptance of the
>proposed solution.
>
>- Rob
>.
>_______________________________________________
>tcpm mailing list
>tcpm@ietf.org
>https://www.ietf.org/mailman/listinfo/tcpm

____________________________________________________________________________
Bob Briscoe, <bob.briscoe@bt.com>      Networks Research Centre, BT Research
B54/77 Adastral Park,Martlesham Heath,Ipswich,IP5 3RE,UK.    +44 1473 645196 


_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email