[e2e] RFI: Microsoft accused of TCP standards violation

Vernon Schryver vjs at calcite.rhyolite.com
Mon Jan 6 09:08:58 PST 2003


> From: "David P. Reed" <dpreed at reed.com>

> ...
> It could also be a potential security risk, because if this
> is true, then it makes it very easy to IP-spoof a HTTP
> request against IIS (since the request is a self-contained
> packet instead of a long connection sequence).

If it's true, then it becomes interesting to ask about the initial
congestion window used by IIS.  For example, if you send a TCP segment
advertising a 60K window and containing an HTTP request for a large
HTTP document, will IIS blast 40 packets at a victim forged as the IP
source address?  Or will it send only 2 or 4 segments?

It sounds easy to test, and so wrong-headed that it must all be false.
Even the embrace and extenders in Redmond are that foolish...well,
not always.  Some of their PPP "enhancements" weren't far off.


Vernon Schryver    vjs at rhyolite.com




More information about the end2end-interest mailing list