[openssl-dev] [openssl.org #4271] Enhancement Request: Support TCP Fast Open

Viktor Dukhovni openssl-users at dukhovni.org
Wed Jan 27 06:05:45 UTC 2016


On Tue, Jan 26, 2016 at 09:37:58PM +0000, Salz, Rich wrote:

> TFO is interesting because it lets UDP-style attacks happen at the TCP
> level.  Normally you can't do a TCP attack unless you have a valid client
> IP address.
> 
> Imagine connecting once and then sending the syncookie to the botnet.

I would expect that there is no "the cookie", and the cookie for
each client is different.  So no single connection would obtain
cookies usable from multiple sources.

That is, cookies militate against UDP-style attacks.

-- 
	Viktor.
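
The per-client cookie binding this reply describes, sketched as an added example that is not part of the original message or of any OpenSSL or kernel code. It assumes the server derives the cookie from the client's source address under a server secret, as RFC 7413 describes; HMAC-SHA256 stands in for the block-cipher construction the RFC suggests, and the class and function names are hypothetical.

```python
import hashlib
import hmac
import ipaddress
import secrets

COOKIE_LEN = 8  # RFC 7413 permits cookies of 4 to 16 bytes


class TfoCookieJar:
    """Hypothetical server-side TFO cookie issuer/validator."""

    def __init__(self, key=None):
        self._key = key or secrets.token_bytes(16)

    def issue(self, client_ip):
        # The cookie is a keyed function of the source address on the SYN,
        # so every client address gets a different cookie.
        packed = ipaddress.ip_address(client_ip).packed
        return hmac.new(self._key, packed, hashlib.sha256).digest()[:COOKIE_LEN]

    def accept_syn_data(self, source_ip, cookie):
        # Recompute for the address the SYN arrived from and compare in
        # constant time. On a mismatch a server ignores the SYN data and
        # falls back to the ordinary three-way handshake.
        return hmac.compare_digest(self.issue(source_ip), cookie)

    def rotate(self):
        # Replacing the key invalidates every cookie issued under the old one.
        self._key = secrets.token_bytes(16)


def demo():
    jar = TfoCookieJar()
    cookie = jar.issue("192.0.2.10")  # constructed documentation addresses
    results = {
        "same_client": jar.accept_syn_data("192.0.2.10", cookie),
        # Same cookie presented from a different source address.
        "other_source": jar.accept_syn_data("198.51.100.7", cookie),
    }
    jar.rotate()
    results["after_rotation"] = jar.accept_syn_data("192.0.2.10", cookie)
    return results


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {accepted}")
```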
