| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 15 Aug 2010 12:38:40 -0400
From: Stephen Hemminger <shemminger@...tta.com>
To: David Miller <davem@...emloft.net>
Cc: dada1@...mosbay.com, herbert@...dor.apana.org.au,
netdev@...r.kernel.org
Subject: Re: GTSM and TCP accept problem
On Sat, 14 Aug 2010 22:12:58 -0700 (PDT)
David Miller <davem@...emloft.net> wrote:
> From: Stephen Hemminger <shemminger@...tta.com>
> Date: Sat, 14 Aug 2010 21:46:34 -0400
>
> > The implementation of Generalized TTL Security has a problem
> > on the TCP accept side. Since there can be different number of
> > hops for each peer, the listener ends up doing
> >
> > socket
> > bind
> > set TTL to 255
> > listen
> > while (nfd = accept(peer)) {
> > info = lookup(peer)
> > set MINTTL to 255 - info->ttl_hops
>
> Surely when creating the initial listening socket we should use the
> minimum TTL over the set of peers right?
>
> That surely takes most of the fun out of this problem for the
> attacker.
That only works if all peers are external and using ttl-security.
If any peer is not using ttl-security, then that peer will be
sending with low TTL and the SYN would get dropped.
The real problem goes back to the GTSM RFC assumptions that TTL
security will be done by firewall, not TCP itself.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists