re: TCP vulnerability


For those not helped too much the MD5 Signature Option, this
i-d addresses the attacks in the Watson paper (it was meant to
come out just when the advisory came out, but they jumped the gun).

There are implementations in *xes and router OSes - more info
from those sources.


-------- Forwarded Message

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the TCP Maintenance and Minor Extensions Working Group of the IETF.

  Title : Transmission Control Protocol security considerations
  Author(s) : R. Stewart
  Filename : draft-ietf-tcpm-tcpsecure-00.txt
  Pages : 10
TCP (RFC793 [1]) is widely deployed and one of the most often used
   reliable end to end protocols for data communication. Yet when it was
   defined over 20 years ago the internet, as we know it, was a
   different place lacking many of the threats that are now common.
   Recently several rather serious threats have been detailed that can
   pose new methods for both denial of service and possibly data
   injection by blind attackers. This document details those threats and
   also proposes some small changes to the way TCP handles inbound
   segments that either eliminate the threats or at least minimize them
   to a more acceptable level.

A URL for this Internet-Draft is:

- --4737358894.1082487684/

------- End of Forwarded Message