lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 25 Jul 2007 11:44:35 +0100
To:	David Miller <>
Subject: [PATCH 0/3] TCP timestamp hardening (update)

These patches deal with issues brought up by Gavin McCullagh
about reactions of Cubic and HTCP to hostile receivers that return
bogus timestamp options. If the receiver crafts a timestamp that is
larger than the original, then some of the congestion control algorithms
maybe come unfair.

The solution in these patches is to only use local values to measure
RTT for congestion control.  The timestamp is still used as described
in RFC's to measure RTT used for retransmit timer.

Thank you to Sangtae Ha for testing, these, see:
He also found some pre-existing problems with TCP-LP that might
be related to NAPI on the receiver.

This should go into 2.6.23. But not into the stable kernel
since the risk of causing regression is greater than the possible
risk exposure.


To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists