Chris Angelico <ros...@gmail.com>:

> On Tue, Jul 3, 2018 at 10:26 PM, Marko Rauhamaa <ma...@pacujo.net> wrote:
>> It's crucial that the killed party is the server for the situation to
>> arise.
>>
>> That's why polite clients close their end of the connection before
>> the server. Whoever closes first will suffer the TIME-WAIT state.
>
> The same thing can happen with clients AND servers, but it's very
> common with clients to allow an arbitrary port number to be chosen for
> you. To trigger this problem from the client end, you would need to
> use the same port. An attacker can do this easily.

No, I mean that the TIME-WAIT state is triggered asymmetrically. See RFC
793 page 23. Whoever sends FIN first will end up in TIME-WAIT for 2*MSL.

A client that doesn't send FIN first will cause an accumulation of
connection objects (TCBs) at the server end. It can also prevent the
server from being restarted quickly.

The SO_REUSEADDR discussion has no direct relationship with computer or
network security. In fact, I don't see any reason why it's not always on
for TCP. Maybe it's done so UDP and TCP (and other protocols) would work
similarly.


Marko
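
The asymmetry described in the message above, as an added example that is not part of the original thread: one side of a loopback connection closes first, the server then "exits", and a fresh socket tries to bind the old server port. It assumes Linux TCP semantics and a usable loopback interface; `rebind_after` and its parameters are hypothetical names.

```python
import errno
import socket
import time


def rebind_after(first_closer, reuseaddr):
    """Run one loopback TCP connection, then try to rebind the server port.

    first_closer: "server" or "client", the side that sends FIN first.
    reuseaddr: set SO_REUSEADDR on both the original and restarted server.
    Returns True if a fresh socket could bind the old server port.
    """
    def make_server_socket():
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        if reuseaddr:
            s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        return s

    listener = make_server_socket()
    listener.bind(("127.0.0.1", 0))   # constructed setup: kernel picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]

    client = socket.create_connection(("127.0.0.1", port))
    conn, _ = listener.accept()       # inherits the listener's SO_REUSEADDR setting

    if first_closer == "server":
        active, passive = conn, client
    else:
        active, passive = client, conn
    active.close()                    # sends FIN first: this end enters TIME-WAIT
    passive.recv(1)                   # returns b"" once the peer's FIN arrives
    passive.close()                   # sends the second FIN
    listener.close()                  # simulate the server process exiting
    time.sleep(0.2)                   # let the final ACKs settle on loopback

    restarted = make_server_socket()
    try:
        restarted.bind(("127.0.0.1", port))
        return True
    except OSError as exc:
        if exc.errno != errno.EADDRINUSE:
            raise
        return False                  # blocked by the server-side TIME-WAIT entry
    finally:
        restarted.close()


if __name__ == "__main__":
    for closer, reuse in (("server", False), ("client", False), ("server", True)):
        print(f"first FIN from {closer}, SO_REUSEADDR={reuse}: "
              f"rebind ok = {rebind_after(closer, reuse)}")
```

When the client sends FIN first, the TIME-WAIT entry sits on the client's ephemeral port, so the server port is free again without any socket option.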