Re: DSA for CVE-2016-5696 (off-path blind TCP session attack)

To: Sam Morris <sam@robots.org.uk>, debian-security@lists.debian.org
Subject: Re: DSA for CVE-2016-5696 (off-path blind TCP session attack)
From: Elmar Stellnberger <estellnb@gmail.com>
Date: Tue, 16 Aug 2016 21:33:50 +0200
Message-id: <[🔎] cec68863-60aa-57db-a875-136a93ede040@gmail.com>
In-reply-to: <[🔎] pan$829dd$4a918de8$32d2cfeb$e590ebe3@robots.org.uk>
References: <[🔎] ca61a0f6965507312e653f9bf3d4e208@webmail.vdberg.org> <[🔎] 20160812153534.lzbw7phrat6pr2xe@eldamar.local> <[🔎] 20160812154656.bxqadsb566244tjk@jwilk.net> <[🔎] pan$829dd$4a918de8$32d2cfeb$e590ebe3@robots.org.uk>

Has anyone every thought of an in-path TCP session attack and ofencrypting sequence numbers by a given secret negotiated in advancebetween both endpoints? If an intelligence service ever wanted to do soI guess they could drive an in-path attack against TCP (as they tend tosit on the internet backbones everywhere they could easily listen to allpackets that pass by.).


Am 2016-08-15 um 20:42 schrieb Sam Morris:

On Fri, 12 Aug 2016 17:46:56 +0200, Jakub Wilk wrote:

* Salvatore Bonaccorso <carnil@debian.org>, 2016-08-12, 17:35:

mitigation could be used as per https://lwn.net/Articles/696868/ .


This is behind paywall at the moment.


Anyone who wishes to read this may use the following link:

https://lwn.net/SubscriberLink/696868/4d074b4d12dcb3dc/

And if you like the article, consider subscribing to LWN! Now that I
think about it, I'm pretty sure there's a group membership available to
all DDs anyway.

Reply to:

Follow-Ups:
- Re: DSA for CVE-2016-5696 (off-path blind TCP session attack)
  - From: Dylan Frese <dmfrese@gmail.com>

References:
- DSA for CVE-2016-5696 (off-path blind TCP session attack)
  - From: Richard van den Berg <richard@vdberg.org>
- Re: DSA for CVE-2016-5696 (off-path blind TCP session attack)
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Re: DSA for CVE-2016-5696 (off-path blind TCP session attack)
  - From: Jakub Wilk <jwilk@debian.org>
- Re: DSA for CVE-2016-5696 (off-path blind TCP session attack)
  - From: Sam Morris <sam@robots.org.uk>

Prev by Date: Re: DSA for CVE-2016-5696 (off-path blind TCP session attack)
Next by Date: Re: DSA for CVE-2016-5696 (off-path blind TCP session attack)
Previous by thread: Re: DSA for CVE-2016-5696 (off-path blind TCP session attack)
Next by thread: Re: DSA for CVE-2016-5696 (off-path blind TCP session attack)
Index(es):
- Date
- Thread