Interesting People mailing list archives

Ok guys and girls -- just who is telling the truth.

From: David Farber <dave () farber net>
Date: Sat, 24 May 2008 15:56:30 -0400




Begin forwarded message:

From: Karl Auerbach <karl () cavebear com>
Date: May 24, 2008 1:54:32 PM EDT
To: David Farber <dave () farber net>
Cc: ip <ip () v2 listbox com>
Subject: Re: [IP] Re: Ok guys and girls -- just who is tellingthe truth.

David Farber wrote:
Sorry for the misumderstanding of what Comcast said -- I heard STOPnot stop someday real soon djf (they need better communictions)
________________________________________
From: Brett Glass [brett () lariat net]
Comcast has not said that they have stopped using RST packets (theword
"forged" is not appropriate, because they do not misrepresent their
origins; a RST packet is an announcement BY THE NETWORK that aconnection
has been administratively severed or had an error).
I'd like to see the Internet Standard - by RFC number and section -that
supports that claim.
As I read the TCP RFC (RFC793 - http://www.ietf.org/rfc/rfc0793.txt ) a
reset is generated by the TCP peer and only by the TCP peer, which
suggests that any generation of a TCP reset by another entity isbeyond
and outside the Internet Standard for TCP.

As far as I know there is no other Internet Standard that defines any
other use of the TCP reset packet.

So, in the absence of any supporting Internet Standard I'd have to
conclude that a TCP reset that purports to come from a TCP peer butwas,in fact, generated by some other device, is a violation of the TCPstandard.
And if such an action is contrary to Internet Standards then one can
only conclude that the use of an IP address to falsely indicate the
source IP address of a packet for the purpose of interfering andharming
a TCP connection is more than a merely fraudulent usurpation of
identity, it is fraudulent usurpation with an explicit intent to cause
harm and interfere with the lawful activities of another.

TCP reset generation by third parties has about the same degree of
legitimacy as phishing email - both are trying to elicit an self-harming
action on the part of an internet user, or his/her software, based on
the expropriation of an internet identity of another.

               --karl--




-------------------------------------------
Archives: http://www.listbox.com/member/archive/247/=now
RSS Feed: http://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com

Current thread:

Ok guys and girls -- just who is telling the truth. David Farber (May 23)
- <Possible follow-ups>
- Re: Ok guys and girls -- just who is telling the truth. David Farber (May 24)
- Ok guys and girls -- just who is telling the truth. David Farber (May 24)
- Ok guys and girls -- just who is telling the truth. David Farber (May 24)