Hosting Provided By

RE: Active response... some thoughts.

From: mb_lima <mb_lima(at)uol.com.br>
Date: Tue Jan 28 2003 - 13:19:49 EST

I think that the network infrastrucure can result in TCP retransmissions in the handshake phase increasing delay in connections establishment. TCP resets work fine in this case. I saw many colisions my router because it had a 2Mb Interface with Internet and 100Mb interfaces with internal network. Regards,

Marcelo.

> Why not? Packets travel quickly even on small pipes...
s.nrw.de;
> > abegetchell@qx.net; focus-ids@securityfocus.com
> > Subject: RE: Active response... some thoughts.
> >
> >
> >
> > Toby,
> >
> > > Actually, TCP resets don't work in many cases-
> > for instance any
> > > situation where you have a single packet exploit (say th
e Sa
> > phire
> > > worm that just ran through the Net)... This is the same
prob
> > lem
> > > that router/firewall reconfiguration has-
> > by the time the response
> > > happens, the compromise is done.
> >
> > I agree with you, but I think that in low bandiwith link
s
> > this is not a problem.
> >
> > Marcelo.
> >
> >
> > ---
> > UOL, o melhor da Internet
> > http://www.uol.com.br/
> >
>

---
UOL, o melhor da Internet
http://www.uol.com.br/

Received on Tue Jan 28 14:35:37 2003

This message: [ Message body ]
Next message: Umesh Shankar: "RE: tcp overlap"
Previous message: Rob Shein: "RE: tcp overlap"
Maybe in reply to: Abe L. Getchell: "Active response... some thoughts."
In reply to Kohlenberg, Toby: "RE: Active response... some thoughts."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:07 EDT