In this paper, the authors show how a receiver conforming to the TCP
protocol can manipulate this protocol to force the sender send excessive
segments into the network (despite the congestion control designated in
TCP protocol).
The authors have well identified the problems (though some of them were
discovered earlier in the literature) and developed solutions for these
problems; however, deploying their solutions needs major changes
introduced into the TCP protocol. I think, now that adopting a change in
the Internet community requires a great cost (including the change of OS
on Web Servers and Clients), it is more economic (and feasible) to go
after some heuristics for surviving upon these attacks. Moreover, these
attacks are mainly targeted onto web-servers which makes heuristic
solutions more applicable (because they should be deployed only on the
web-servers – rather than all the clients).
My suggestion to the authors is that now that they were able to find the
stem of TCP vulnerabilities, they own better incentives to develop
heuristics for overriding corresponding attacks. Once again, moving
towards a whole protocol spec. change is very costly when considering the
number of Internet users including clients.
Received on Mon Oct 31 2005 - 11:19:45 EST
This archive was generated by hypermail 2.2.0 : Mon Oct 31 2005 - 11:19:46 EST