[Dshield] Vulnerability Issues in TCP

George Capehart capegeo at opengroup.org
Thu Apr 22 12:48:11 GMT 2004


On Thursday 22 April 2004 06:44 am, Pete Cap wrote:

<snip>

>
> So, am I missing something, or does FUD cover this
> issue like brown on rice?

Pete,

If one examines the original notification, this article from CERT 
(http://www.us-cert.gov/cas/techalerts/TA04-111A.html), and the 
Internet Draft that Peter Stendahl-Juvonen referenced in the first post 
of this thread, and observe the response that it has received from 
those who actually run TCP-based networks, I think one must conclude 
that this is not FUD.

Chapter 18 of Richard Stevens' book _TCP/IP_Illustrated,_Volume_1_ does 
a great job of describing how TCP connections are made and broken.  
Read that, read the documents referenced above, and then see what you 
think . . .

Cheers,

George Capehart
-- 
George Capehart

capegeo at opengroup dot org

PGP Key ID: 0x63F0F642 available on most public key servers

"It is always possible to agglutenate multiple separate problems into a
 single complex interdependent solution.  In most cases this is a bad
 idea."  -- RFC 1925





More information about the list mailing list