Skip to main content

DoS vulnerability of TCP by acknowledging not received segments

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Arturo Azcorra , Carlos J. Bernardos , Ignacio Soto
Last updated 2004-02-05
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


TCP relies in communication peers to implement congestion control by hosts voluntary limiting their own data rate. Nevertheless this assumption introduces unsolved DoS attack opportunities. A DoS attack can be easily performed by a host that acknowledges TCP segments not yet received (maybe even not sent). This document presents and briefly describes the problem, already identified and pointed before, but also shows than it can be easily performed (with very interesting results) and proposes some server-side modifications to TCP stack in order to make this attack more dificult to perform.


Arturo Azcorra
Carlos J. Bernardos
Ignacio Soto

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)