[openssl-dev] [openssl.org #4271] Enhancement Request: Support TCP Fast Open

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Jan 27 00:27:04 UTC 2016


On Tue 2016-01-26 16:37:58 -0500, Salz, Rich wrote:
> TFO is interesting because it lets UDP-style attacks happen at the TCP
> level.  Normally you can't do a TCP attack unless you have a valid
> client IP address.
>
> Imagine connecting once and then sending the syncookie to the botnet.

This suggests that you have on-path capabilities between each of the
reflectors and the victim, right?

If you have on-path capabilities, couldn't you do a similar attack
against a live TCP session?  Learn (or create) the sequence number of a
TCP session between each of the reflectors and the target, and
distribute them to the botnet?  Then each member of the botnet sends out
a TCP packet (sequence numbers augmented in some coordinated fashion) to
the reflector that triggers an ACK (and even worse, a data flow) from
the reflector to the victim.

I've never done this, so maybe I've missed some mitigating detail, but
it seems like the same risk with or without TFO.

   --dkg
