[ih] History of duplicate address tests
touch at strayalpha.com
touch at strayalpha.com
Wed Nov 30 07:37:04 PST 2022
> On Nov 29, 2022, at 1:51 PM, Jack Haverty via Internet-history <internet-history at elists.isoc.org> wrote:
>
> I'm surprised (and disappointed) if this "feature" still exists.
>
> Back in the mid 80s, we created a simple software tool we called a "Flakeway". The purpose was to simulate network problems in order to test out a TCP's ability to deal with IP datagrams that were actually dropped, reordered, duplicated, or otherwise mangled in transit. Computers directly connected to the ARPANET never encountered such conditions, so we looked for a way to create them in order to see if a TCP implementation really worked.
> ...
> This tool was very useful. Programming it took only a day or two. But it did seem to reveal a vulnerability in the protocols. E.g., you could easily pretend to be any other Internet computer and possibly convince some user to enter sensitive information or do other nasty things.
>
> This was all reported, quietly, to IETF, so it could be fixed. Meanwhile, it was a useful tool. About ten years later, in the early 90s, I tried using the tool again and discovered that it still worked. I don't know if that was because the protocols hadn't been improved, or because the computers involved weren't up to date.
It wasn’t fixed until 2008 with RFC5227. So I don’t think ARP qualifies as DAD until that date.
Joe
More information about the Internet-history
mailing list