I see your point and I agree with you that SSL protects victims from
this hijacking attack, especially with full HSTS.
For the Windows case, since Windows is a black box for us, we tested its
Challenge ACK mechanism with Windows Server 2012 R2 Base and Windows
Server 2008 R2 from Amazon EC2. The resul

From: Eric Dumazet
Date: Sun, 10 Jul 2016 10:04:02 +0200
> From: Eric Dumazet
>
> Yue Cao claims that current host rate limiting of challenge ACKS
> (RFC 5961) could leak enough information to allow a patient attacker
> to hijack TCP sessions. He will soon provide details in an academic
> paper

On Sun, Jul 10, 2016 at 1:04 AM, Eric Dumazet wrote:
> From: Eric Dumazet
>
> Yue Cao claims that current host rate limiting of challenge ACKS
> (RFC 5961) could leak enough information to allow a patient attacker
> to hijack TCP sessions. He will soon provide details in an academic
> paper.
>
>

On Sun, 2016-07-10 at 11:28 -0700, Yue Cao wrote:
> This second patch does make our attack much harder but it's still
> possible to do such off-path attack with enough network bandwidth.
> Here is our modified attack for this second patch.
>
> Modified Attack:
> Main idea of our attack is to send

This second patch does make our attack much harder but it's still
possible to do such off-path attack with enough network bandwidth.
Here is our modified attack for this second patch.
Modified Attack:
Main idea of our attack is to send multiple same spoofed packets in 1
second so attacker can conf

On Sun, Jul 10, 2016 at 4:04 AM, Eric Dumazet wrote:
>
> From: Eric Dumazet
>
> Yue Cao claims that current host rate limiting of challenge ACKS
> (RFC 5961) could leak enough information to allow a patient attacker
> to hijack TCP sessions. He will soon provide details in an academic
> paper.
>

From: Eric Dumazet
Yue Cao claims that current host rate limiting of challenge ACKS
(RFC 5961) could leak enough information to allow a patient attacker
to hijack TCP sessions. He will soon provide details in an academic
paper.
This patch increases the default limit from 100 to 1000, and adds
so