On Wed, Oct 01, 2008 at 03:31:00PM +0200, Stephan A. Rickauer wrote:
> On Wed, 2008-10-01 at 14:52 +0200, Leon Dippenaar wrote:
> > Hi there,
> >
> > is there any weight to this new story on slashdot
> > http://it.slashdot.org/it/08/10/01/0127245.shtml
> >
> > about a new attacker possible to break any tcp stack? Sounds rather
> > shady, so here I am, perhaps you guys have your ears closer to the ground
>
> A little bit less vague info can be found here
>
> http://tinyurl.com/3hv3kf
>
This article is mostly about exploiting SYN cookies to bring servers into
resource starvation. OpenBSD does not implement SYN cookies. We have a SYN
cache with an upper limit of open handshakes. Together with random initial
sequence numbers it is hard to finish the 3-way handshake without getting
the SYN/ACK from the server on OpenBSD systems.

I'm not too concerned about this "fundamental problem with TCP" but as
usual the mentioned article is less informative than the back side of my
breakfast cereals box.

-- 
:wq Claudio
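
A minimal model of the defence described in the reply above, added here as an illustration; it is not OpenBSD's code and not part of the original message. It keeps a bounded table of half-open handshakes and a random server ISN, so the final ACK is accepted only from a peer that actually received the SYN/ACK. The names `on_syn`, `on_ack`, `SYN_CACHE_LIMIT` and the drop-when-full policy are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define SYN_CACHE_LIMIT 4   /* assumed cap on half-open handshakes (demo size) */
static struct syn_entry {
    uint32_t ip, client_isn, server_isn;
    uint16_t port;
    int used;
} cache[SYN_CACHE_LIMIT];

static uint32_t random_isn(void)
{
    uint32_t v = 0;
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL || fread(&v, sizeof v, 1, f) != 1)
        abort();            /* never fall back to a guessable ISN */
    fclose(f);
    return v;
}

/* SYN: store state, return 1; return 0 when the cache is full (dropping the
 * new SYN is this model's assumption, not a statement of OpenBSD's policy). */
int on_syn(uint32_t ip, uint16_t port, uint32_t client_isn, uint32_t *synack_isn)
{
    for (int i = 0; i < SYN_CACHE_LIMIT; i++) {
        if (cache[i].used) continue;
        cache[i] = (struct syn_entry){ ip, client_isn, random_isn(), port, 1 };
        *synack_isn = cache[i].server_isn;
        return 1;
    }
    return 0;
}

/* Final ACK: accepted only if it acknowledges the ISN sent in the SYN/ACK. */
int on_ack(uint32_t ip, uint16_t port, uint32_t seq, uint32_t ack)
{
    for (int i = 0; i < SYN_CACHE_LIMIT; i++) {
        struct syn_entry *e = &cache[i];
        if (!e->used || e->ip != ip || e->port != port) continue;
        if (seq != e->client_isn + 1 || ack != e->server_isn + 1) return 0;
        e->used = 0;        /* handshake complete, slot freed */
        return 1;
    }
    return 0;               /* no matching half-open entry */
}
```

Memory held for unfinished handshakes never exceeds `SYN_CACHE_LIMIT` entries, and an ACK carrying a guessed acknowledgement number is rejected without creating a connection.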