PMW1@psuvm.psu.edu (Peter M. Weiss) (08/15/90)
We are very concerned about unauthorized and/or illegal use of resources on our TCP hosts by taking advantage of weaknesses in the TCP specifications and/or implementations. For TCP session initiation and for already established TCP connections to TCP hosts, what will the products do when receiving packets with acknowledgement sequence numbers greater than expected, including maximal acknowledgement sequence numbers? This might occur when an unauthorized client host attempts to spoof an TCP server host (assume that the client knows the higher level transaction protocol such as TN3270 and specific transaction dialogues). How is it possible, for a rogue host, by misrepresenting its IP address and/or guessing the acknowledgement numbers, to either initiate a TCP session with various TCP products or invade an ongoing legitimate session? Peter M. Weiss, SE For TP Penn State University - Management Services 31 Shields Bldg University Park, PA 16802 814 863 1843