Home page logo

basics logo Security Basics mailing list archives

Re: Yahoo Messenger Stale Sessions
From: phani () myrealbox com
Date: Sat, 16 Nov 2002 16:50:33 +0530

On Wed, Nov 13, 2002 at 01:50:49PM +0800, Leonard.Ong () nokia com wrote:
  As you mentioned if the OS has to perform cleanup and if Windows(I am assuming you are working on windows) does not 
do that then is this a flaw with the TCP/IP stack implementation of Windows ? How does it happen in Linux ? Any idea..


Yet, the OS should perform cleanup by implementing a tcp timeout ( default 3600 seconds ).  There are many protocols 
that doesn't send a FIN packet, yet they manage to terminate the session.

Leonard Ong
Network Security Specialist, APAC

Email.  Leonard.Ong () nokia com
Mobile. +65 9431 6184
Phone.  +65 6723 1724
Fax.    +65 6723 1596

Hmm, I'm not an expert in this, but I do realize if the 4-way handshake for
terminating a connection is not done properly, e.g. the user switched off
his dial-up modem abruptly, it would cause the "stale/zombie" sessions
described as above. The dial-up machine will not have the opportunity to
send the FIN to your machine.

You probably need to know the sequence number, source port, destination port
as well as source IP and destination IP (which you should know).

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]