[Dshield] Vulnerability Issues in TCP
capegeo at opengroup.org
Thu Apr 22 12:48:11 GMT 2004
On Thursday 22 April 2004 06:44 am, Pete Cap wrote:
> So, am I missing something, or does FUD cover this
> issue like brown on rice?
If one examines the original notification, this article from CERT
(http://www.us-cert.gov/cas/techalerts/TA04-111A.html), and the
Internet Draft that Peter Stendahl-Juvonen referenced in the first post
of this thread, and observe the response that it has received from
those who actually run TCP-based networks, I think one must conclude
that this is not FUD.
Chapter 18 of Richard Stevens' book _TCP/IP_Illustrated,_Volume_1_ does
a great job of describing how TCP connections are made and broken.
Read that, read the documents referenced above, and then see what you
think . . .
capegeo at opengroup dot org
PGP Key ID: 0x63F0F642 available on most public key servers
"It is always possible to agglutenate multiple separate problems into a
single complex interdependent solution. In most cases this is a bad
idea." -- RFC 1925
More information about the list