Re: tcp vulnerability? haven't seen anything on it here...

From: Florian Weimer
Date: Fri Apr 23 2004 - 05:32:06 EST

alex@xxxxxxxxxxxx writes:

> Not quite. With a SYN you have to respond with exactly the same sequence
> number as attacking host in order to establish connection. With RST, your
> sequence number needs to be +- rwin in order to kill the connection. That
> significantly reduces search space.

Don't forget that you can tear down a connection by sending a SYN in
the correct window as well.

Current mail filters: many dial-up/DSL/cable modem hosts, and the
following domains:,,,,,,
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at