On Tue, Jan 26, 2016 at 09:37:58PM +0000, Salz, Rich wrote:

> TFO is interesting because it lets UDP-style attacks happen at the TCP
> level.  Normally you can't do a TCP attack unless you have a valid client
> IP address.
> 
> Imagine connecting once and then sending the syncookie to the botnet.

I would expect that there is no "the cookie", and the cookie for
each client is different.  So no single connection would obtain
cookies usable from multiple sources.

That is, cookies militate against UDP-style attacks.

-- 
        Viktor.
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
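
Added example, not part of the mail thread or of any TCP stack's code: a sketch of the per-client cookie property the reply describes, assuming the server derives the cookie as a truncated keyed MAC over the client's source IP. The key, cookie length, function names and addresses are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress

COOKIE_LEN = 8                      # bytes; constructed length for this sketch
SERVER_KEY = bytes(range(32))       # constructed server secret

def make_cookie(server_key: bytes, client_ip: str) -> bytes:
    """Derive a cookie bound to one source address (assumed construction)."""
    addr = ipaddress.ip_address(client_ip).packed
    return hmac.new(server_key, addr, hashlib.sha256).digest()[:COOKIE_LEN]

def accept_syn_data(server_key: bytes, source_ip: str, cookie: bytes) -> bool:
    """Accept data in the SYN only if the cookie matches the packet's source IP."""
    expected = make_cookie(server_key, source_ip)
    return hmac.compare_digest(expected, cookie)

def check_sources(server_key: bytes, cookie: bytes, sources: list) -> dict:
    """Validate one cookie against several source addresses."""
    return {ip: accept_syn_data(server_key, ip, cookie) for ip in sources}

if __name__ == "__main__":
    # Constructed addresses from the documentation ranges.
    issued_to = "192.0.2.10"
    cookie = make_cookie(SERVER_KEY, issued_to)
    others = ["198.51.100.7", "203.0.113.9", "2001:db8::1"]
    for ip, ok in check_sources(SERVER_KEY, cookie, [issued_to] + others).items():
        print(f"{ip:>15}  fast-open accepted: {ok}")
    # Rotating the server key invalidates cookies issued under the old key.
    rotated = hashlib.sha256(SERVER_KEY).digest()
    print("after key rotation:", accept_syn_data(rotated, issued_to, cookie))
```

A cookie that fails validation here would mean the server falls back to the ordinary three-way handshake before accepting data, rather than processing the SYN payload.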
