[ih] STD 7, RFC 9293 on Transmission Control Protocol (TCP)
John Kristoff
jtk at dataplane.org
Wed Aug 24 06:28:51 PDT 2022
On Wed, 24 Aug 2022 09:58:11 +0200
Craig Partridge via Internet-history <internet-history at elists.isoc.org>
wrote:
> I have not tracked closely in a while but believe that we haven't
> seen a new attack in over 10 years and that various TCP tweaks have
> dealt with these issues.
While not an attack directly on TCP, it has been shown there is
a way to conduct source address-spoofed TCP-based amplification
and reflection attacks with relatively little effort. The
problem is not in TCP itself, but in how middle boxes maintain
TCP state for the end points between boundaries, or don't
maintain state as is the case here. Most attacks are mostly now found
in the larger tweaks.
For those that haven't seen this paper, it is worth a look, and may
result in a lot of "I told you so's" for those who have been skeptical
of middle boxes. :-)
<https://www.cs.umd.edu/~kbock/talk/usenix21/>
John
More information about the Internet-history
mailing list