Discussion:
Does SCTP help against TCP reset attacks?
(too old to reply)
Ángel González
2016-04-14 23:58:20 UTC
Permalink
I don't know how you do it, i never managed a(n exposed) server
until January and now [.] i think what i have to face are TCP
RST attacks on SSH connections, leading to "connection reset"s
["connection closed" on client side in fact] (of course).
Are you sure that's the case? For RST attack, it would need to guess
the right TCP sequence numbers.
It seems more likely that the connection is timing out (maybe there's
some firewall enforcing it?) and thus the other side considers it to be
closed.
Steffen Nurpmeso
2016-04-15 09:41:35 UTC
Permalink
Ángel González <***@gmail.com> wrote:
|Steffen Nurpmeso wrote:
|> I don't know how you do it, i never managed a(n exposed) server
|> until January and now [.] i think what i have to face are TCP
|> RST attacks on SSH connections, leading to "connection reset"s
|> ["connection closed" on client side in fact] (of course).

|Are you sure that's the case? For RST attack, it would need to guess
|the right TCP sequence numbers.
|It seems more likely that the connection is timing out (maybe there's
|some firewall enforcing it?) and thus the other side considers it to be
|closed.

Yes there are many experts on this list who have a penetrating
knowledge of protocols and network behaviour, and i really would
prefer not having to face that attacks restart just as promptly.

Thank you!

--steffen

Loading...