1 |
On 20.04.2004 22:31, Devon wrote: |
2 |
|
3 |
> I think they focused on BGP because bringing down BGP connections would |
4 |
> cause route damping and take networks offline and cause outages for a |
5 |
> larger portion of people versus sending a RST for someone's large FTP |
6 |
> download. :) Unless my understanding is wrong, this would affect *any* |
7 |
> established TCP connection that is open for a period of time. |
8 |
|
9 |
Yep... and it seems to be an easier target, cause it uses long lived TCP |
10 |
connections and the ports are sometimes available through looking |
11 |
glasses. (taken from above article) |
12 |
|
13 |
> Does anyone have any information about the Linux kernel? I checked the |
14 |
> linux-kernel ML at MARC, but I didn't see anything about it. I saw |
15 |
> something from Theo on the OpenBSD mailing list that OpenBSD had some |
16 |
> protection already. I saw some discussion on the FreeBSD mailing lists |
17 |
> and the Debian mailing lists also. |
18 |
|
19 |
Not sure. What first came to my mind is some configuration option in a |
20 |
grsecurity patched kernel, which replaces the way of selecting ISNs from |
21 |
the way Linux does to how OpenBSD does... random that seems to be. |
22 |
|
23 |
|
24 |
According to posts on NANOG, this appears to be the reason why md5 |
25 |
authentication seems to be spreading wider lately. |
26 |
|
27 |
Matthias |
28 |
|
29 |
P.S.: |
30 |
Only had a very quick look, so I hope I'm not mistaken. |
31 |
|
32 |
|
33 |
|
34 |
-- |
35 |
gentoo-security@g.o mailing list |