| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Feb 2009 14:59:55 -0800 From: Oliver Zheng <mailinglists+netdev@...verzheng.com> To: netdev@...r.kernel.org Subject: TCP/IP stack interpretation of acceptable packet I was investigating behaviour of the TCP/IP stacks and noticed that Linux has a peculiarity. When a packet is received with the correct sequence number but incorrect acknowledgement number (in my tests, it was higher than the correct acknowledgement number), the stack accepts the packet as a valid packet and passes the data up to the application (I do not know whether the ack information is accepted). According to the list of tests described here in the TCP RFC 793 [1], accepting a packet requires the packet to satisfy both sequence and acknowledgement number tests; otherwise, the entirety of the packet (its data and its acknowledgement information confirming reception of previous data) should be dropped. Is this intentional, a bug, or am I misinterpreting something? A nice flow chart that explains this procedure is here [2]. Not to instigate flame, but Windows does this correctly, or at least correctly in my interpretation of the spec. [1] http://tools.ietf.org/html/rfc793#page-69 [2] http://www.medianet.kent.edu/techreports/TR2005-07-22-tcp-EFSM.pdf (page 17) Cheers, Oliver -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists