OT -- stop IP address spoofing?
2004-11-23 12:58:50

On Tue, 2004-11-23 at 05:05, Mark wrote:
> Hijack TCP sessions?? In the old days, it was relatively easy to discover the exact formula by studying packets and TCP sessions. Today, most OS-es implement random sequence number generation, making it extremely difficult to predict them accurately.

They also try and use PAWS (Protection Against Wrapped Sequences), which makes the space you have to guess within bigger and can be useful for timestamping so you can compute RTT (round trip time) better. I think many OSes won't let you use the window-scaling TCP option unless you also use PAWS.

In the long term I think that TCP connections that don't use both PAWS and ECN should have their transmit window capped at 12k or so.

http://dmoz.org/Bookmarks/P/pollei/Misc._Computer_stuff/Explicit_Congestion_Notification/

-- 
http://dmoz.org/profiles/pollei.html
http://sourceforge.net/users/stephen_pollei/
http://www.orkut.com/Profile.aspx?uid=2455954990164098214
http://stephen_pollei.home.comcast.net/
GPG Key fingerprint = EF6F 1486 EC27 B5E7 E6E1 3C01 910F 6BB5 4A7D 9677
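The following C example is added here and is not from the original post. It shows the receive-side test the reply refers to: a segment must fall inside the receive window and also carry a timestamp that passes the PAWS comparison of RFC 7323. The struct and function names are hypothetical, and segment length, the RST exemption and the idle-connection rule are left out as assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical per-connection receive state; field names follow RFC 7323. */
struct rx_state {
    uint32_t rcv_nxt;   /* next sequence number expected */
    uint32_t rcv_wnd;   /* receive window size in bytes */
    uint32_t ts_recent; /* last TSval accepted from the peer */
};

/* True when a is "before" b on a 32-bit counter that wraps around. */
static bool before32(uint32_t a, uint32_t b)
{
    return (int32_t)(a - b) < 0;
}

/* The segment's first byte must lie in [rcv_nxt, rcv_nxt + rcv_wnd). */
static bool seq_in_window(const struct rx_state *s, uint32_t seg_seq)
{
    return (uint32_t)(seg_seq - s->rcv_nxt) < s->rcv_wnd;
}

/* PAWS: a TSval older than ts_recent marks the segment as stale. */
static bool paws_ok(const struct rx_state *s, uint32_t seg_tsval)
{
    return !before32(seg_tsval, s->ts_recent);
}

/* A segment is processed only if it passes both checks. */
bool segment_acceptable(const struct rx_state *s, uint32_t seg_seq,
                        uint32_t seg_tsval)
{
    return seq_in_window(s, seg_seq) && paws_ok(s, seg_tsval);
}

int main(void)
{
    /* Constructed state: both counters are about to wrap. */
    struct rx_state s = { 0xFFFFFF00u, 0x1000u, 0xFFFFFFF0u };
    printf("in window, fresh TSval: %d\n", segment_acceptable(&s, 0x10u, 0x5u));
    printf("in window, stale TSval: %d\n", segment_acceptable(&s, 0x10u, 0xFFFFFF00u));
    printf("out of window:          %d\n", segment_acceptable(&s, 0x2000u, 0x5u));
    return 0;
}
```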