Re: Major TCP Vulnerability

To: debian-security@lists.debian.org
Subject: Re: Major TCP Vulnerability
From: Florian Weimer <fw@deneb.enyo.de>
Date: Tue, 20 Apr 2004 23:45:46 +0200
Message-id: <[🔎] 87n0561fxx.fsf@deneb.enyo.de>
In-reply-to: <[🔎] 20040420203909.GA10952@zionlth.org> (Phillip Hofmeister's message of "Tue, 20 Apr 2004 16:39:09 -0400")
References: <[🔎] 20040420203909.GA10952@zionlth.org>

Phillip Hofmeister <plhofmei@zionlth.org> writes:

> This article isn't anything I am going to loose sleep over.  Any mission
> critical long term TCP connections over an untrusted network (The
> Internet) should already be using IPSec.

Core routers usually don't have the CPU power to run IPsec (yes, it
sounds ridiculous, but it's mostly that way).

However, I agree that this won't have much impact on the network as a
whole. The emergency reconfiguration that took place during the past
weeks (and which is being touted by the media as a prudent
countermeasure) caused more large-scale destabilization than future
attacks. 8-(

-- 
Current mail filters: many dial-up/DSL/cable modem hosts, and the
following domains: atlas.cz, bigpond.com, postino.it, tiscali.co.uk,
tiscali.cz, tiscali.it, voila.fr.

Reply to:

Follow-Ups:
- RE: Major TCP Vulnerability
  - From: "Steve Ramage" <rospammedme@sjrx.net>

References:
- Re: Major TCP Vulnerability
  - From: Phillip Hofmeister <plhofmei@zionlth.org>

Prev by Date: RE: Major TCP Vulnerability
Next by Date: RE: Major TCP Vulnerability
Previous by thread: Re: Major TCP Vulnerability
Next by thread: RE: Major TCP Vulnerability
Index(es):
- Date
- Thread