T/TCP
in [Linux Networking]
|
Prev: CentOS 5.4 and VNC
Next: LAN - IPX/SPX and TCP/IP
From: Karthik Balaguru on 28 Feb 2010 14:18 Hi, I have been thinking about the connection speed and recently came across the T/TCP :-) I understand that T/TCP was introduced to provide advantages of the TCP and UDP. That is, it coupules the reliability of TCP and the speed of UDP . Interesting to know that the 3-way handshake method can be bypassed by TCP Accelerated Open (TAO) and also the TIME_WAIT can be truncated to provide the extra speed ! The below link seems to convey the main security problems w.r.t T/TCP - http://web.archive.org/web/20071018112125/www.phrack.org/issues.html?issue=53&id=6 It seems to convey that the attacker easily gets the spoofed connection into the established state and that he does not need to predict the return sequence number as in normal TCP . It seems that he just needs to ensure the success of the TAO test. I also came across the below link - http://www.mid-way.org/doc/ttcp-sec.txt But, are there any fix/tricks to overcome these issues so that the benefits of T/TCP can be harnessed ? Any ideas ? Thx in advans, Karthik Balaguru
From: Jorgen Grahn on 28 Feb 2010 16:53 ["Followup-To:" header set to comp.protocols.tcp-ip.] On Sun, 2010-02-28, Karthik Balaguru wrote: > Hi, Didn't you agree a few days ago *not* to crosspost like that? This is offtopic in all of the five groups you are posting to, except comp.protocols.tcp-ip. /Jorgen -- // Jorgen Grahn <grahn@ Oo o. . . \X/ snipabacken.se> O o .
From: Karthik Balaguru on 28 Feb 2010 21:11 On Mar 1, 2:53 am, Jorgen Grahn <grahn+n...(a)snipabacken.se> wrote: > ["Followup-To:" header set to comp.protocols.tcp-ip.] > > On Sun, 2010-02-28, Karthik Balaguru wrote: > > Hi, > > Didn't you agree a few days ago *not* to crosspost like that? This is > offtopic in all of the five groups you are posting to, except > comp.protocols.tcp-ip. > Since this query is related with networking and security issues, the security and networking groups were included for this query so that they could share their thoughts. But, if it is very much out-of topic in those groups, then it can be considered just as you conveyed. Thx in advans, Karthik Balaguru
|
Pages: 1 Prev: CentOS 5.4 and VNC Next: LAN - IPX/SPX and TCP/IP |