Re: Ambiguities in TCP/IP - firewall bypassing
From: Tony Finch <dot () dotat at>
Date: Sat, 19 Oct 2002 02:33:57 +0100
Alun Jones <alun () texis com> wrote:
> Not necessarily. Have you heard of T/TCP? Before that was around, I
> remember hearing discussion of using a packet with SYN, FIN, and data all
> in one, to cut down on round-trips in really short communications, while
> still providing reliability.

One of the problems with T/TCP on the wider Internet is that it is almost
as vulnerable to source address spoofing as UDP, so security facilities
like those provided by tcp_wrappers (and built in to many daemons) are
no longer so effective. With vanilla TCP, the T/TCP combination of
SYN+data+FIN isn't useful, because the passive end should discard data
that arrives before the handshake is completed in order to preserve its
spoof-resistance, therefore requiring a retransmit.
f.a.n.finch <dot () dotat at> http://dotat.at/
FORTIES CROMARTY FORTH TYNE DOGGER: NORTHWESTERLY 4 OR 5, OCCASIONALLY 6.
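
Added example, not part of the original message: a toy Python model of the passive end, showing why data carried on the SYN must be held back until the handshake completes if address-based checks (as in tcp_wrappers) are to mean anything. The class, the accept_data_on_syn flag, the address and the payloads are constructed for illustration; the flag is a simplification of the T/TCP shortcut, not its actual algorithm.

```python
import secrets

MOD = 2 ** 32

class PassiveEnd:
    """Toy listening endpoint. Not a real TCP stack."""

    def __init__(self, accept_data_on_syn):
        # True models the T/TCP-style shortcut (assumption: simplified).
        self.accept_data_on_syn = accept_data_on_syn
        self.pending = {}    # claimed source address -> our ISN
        self.delivered = []  # payloads handed to the application

    def on_syn(self, src, data=b""):
        """SYN, possibly with data+FIN. The SYN-ACK is routed to src."""
        isn = secrets.randbits(32)
        if self.accept_data_on_syn and data:
            # Source address is unverified at this point, as with UDP.
            self.delivered.append(data)
        else:
            # Vanilla TCP: discard early data, wait for proof of receipt.
            self.pending[src] = isn
        return {"to": src, "seq": isn}

    def on_ack(self, src, ack, data=b""):
        """Deliver only if the peer echoes ISN+1, i.e. it saw our SYN-ACK."""
        isn = self.pending.get(src)
        if isn is None or ack != (isn + 1) % MOD:
            return False
        del self.pending[src]
        if data:
            self.delivered.append(data)
        return True

def run(accept_data_on_syn):
    server = PassiveEnd(accept_data_on_syn)
    trusted = "192.0.2.10"  # constructed address permitted by an address ACL

    # Spoofed sender: claims the trusted address, so the SYN-ACK goes to the
    # real 192.0.2.10 and the sender never learns the ISN it must acknowledge
    # (a blind guess succeeds with probability 2**-32).
    server.on_syn(trusted, b"spoofed request")

    # Genuine host: receives the SYN-ACK, acknowledges it, retransmits data.
    synack = server.on_syn(trusted, b"real request")
    server.on_ack(trusted, (synack["seq"] + 1) % MOD, b"real request")
    return server.delivered

if __name__ == "__main__":
    print("vanilla TCP    :", run(False))
    print("data on SYN ok :", run(True))
```
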