
Re: Fwd: Minutes / Notes



Masataka Ohta wrote:
Yes, lacking proper acknowledgements from 131.112.32.132, the
peer will terminate the stream.
Exactly.

That is, you can't send proper acknowledgements, unless you can
receive packets to 131.112.32.132, which is the return routability.
Not true.  If you open a TCP session and receive the first
few packets, it is easy enough to generate fake ACKs.
Assuming that there are no packet losses and that the attacker
sends acks slowly enough, maybe.
The attacker doesn't need to send the acks very slowly. See

Stefan Savage, Neal Cardwell, David Wetherall, and Tom Anderson,
"TCP Congestion Control with a Misbehaving Receiver",
CCR, 1999.

Note especially that after some initial data stream,
the attacker can ignore incoming data (attack 3).

--Pekka Nikander