Re: [PATCHv2] dccp: Do not send Dccp-Sync after received sequence-invalid Dccp-Reset | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
Eddie Kohler wrote:
Gerrit Renker wrote:7.5.4. Handling Sequence-Invalid Packets o A sequence-invalid DCCP-Reset packet MUST elicit a DCCP-Sync packet in response (subject to a possible rate limit). This response packet MUST use a new Sequence Number, and thus will increase GSS; GSR will not change, however, since the received packet was sequence-invalid. The response packet's Acknowledgement Number MUST equal GSR. But reponse to a sequence-invalid DCCP-Reset with acknowledgement number equal to GSR will help to attack for sequence number. ...>The requiremement of using GSR here is related to fixing another bug whichleads to a flood of Sync/Reset packets. A description of that bug is on http://www.mail-archive.com/dccp@xxxxxxxxxxxxxxx/msg01594.htmlFurthermore, Yongjun, I don't see how this is an "attack." DCCP is not robust against an attacker who can receive packets in the relevant connection, such as the two DCCP-Syncs in your example. Your attack is out of the threat model.
I misunderstood the sequence number attack.^_^ Thanks Wei Yongjun -- To unsubscribe from this list: send the line "unsubscribe dccp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
[Kernel List] [Site Home] [IETF DCCP] [Linux Networking] [Git] [Security] [Linux Assembly] [Bugtraq] [Rubini] [Photo] [Yosemite] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Linux SCSI] [DDR & Rambus] [Linux Resources]
|