Re: tcp vulnerability? haven't seen anything on it here...

From: alex
Date: Thu Apr 22 2004 - 10:59:55 EST

On Thu, 22 Apr 2004, Chris Friesen wrote:

> alex@xxxxxxxxxxxx wrote:
> > Nevertheless, number of packets to kill the session is still *large*
> > (under "best-case" for attacker, you need to send 2^30 packets)...
> I though the whole point of this vulnerability was that you "only"
> needed to send 64K packets, not 2^30.
64k packets if rwin is 64k and if you know ports on both sides.

If rwin is 16k (default on many routers) and you need to scan all
ephemeral ports, its 256k packets * number of ephemeral ports.

One router vendor has 4000 ephemeral ports maximum, resulting in 256k*4000
= ~1 billion packets.


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at