Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability)

About Merit

Services

Network

Resources & Support

Network Research

News

Events

Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability)

From: Patrick W.Gilmore
Date: Fri Apr 23 09:12:01 2004

On Apr 23, 2004, at 4:07 AM, Pekka Savola wrote:

On Thu, 22 Apr 2004, Patrick W.Gilmore wrote:

Hrmmm, would the GTSM work with loopback peering?  ISTR it allowed a
TTL of 254, which should make it to the loopback interface.

Only flawed implementations have to use TTL of 254 when you have a
session between two adjacent loopbacks.  But I think those still
exist...

(TTL should only be decremented when _forwarding_, and I don't think
you could argue that you need to _forward_ a packet from your ingress
interface to your _loopback_ interface..)

Well, if that were the case, then you wouldn't need multi-hop to do loopback peering.

--
TTFN,
patrick

Follow-Ups:
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCPRST/SYN vulnerability) Alex Bligh
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYNvulnerability) sthaug

References:
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYNvulnerability) Pekka Savola

Prev by Date: The Cidr Report
Next by Date: Point and click tools released for RST/SYN vulnerability
Date Index
Thread Index
Author Index
Historical