Subject: TCP ACKing data that doesn't exist
To: None <tech-kern@NetBSD.ORG>
From: Travis Hassloch x231 <travis@EvTech.com>
List: tech-kern
Date: 09/19/1996 15:08:59

Part of the ability to interactively hijack connections depends on ACKs
for sequence numbers larger than the current pointer to be silently
ignored.  Is this something that can be handled in an implementation,
or is it a flaw in the TCP design which can't be fixed without breaking
compliance or negatively impacting utility?

That is, system A sends sequence number X and 7 bytes of data.
Hijacking will cause system B, the peer of A, to send an ACK with
sequence number > X+7 (before A has generated any data past X+7).
A usually silently ignores this ACK.

If it can be handled, does anyone have suggestions on how to handle it?
Should you terminate the connection with a reset, passively log the
error to a system log, pass the application some kind of condition code,
or what?

I guess this has been discussed on various TCP/IP lists; if anyone
can suggest a more relevant forum I'll send my email there.
--
Travis Hassloch | 21st Century Digital Boy | P=NP if (P=0 or N=1)
``He's more of a security expert, or informational enthusiast like the many
others.  These daredevils straddle the barbwire fence between security and
hacking, in an attempt to absorb as much knowledge as they can.''
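
The check the message asks about, as an added example that is not part of the original post and is not NetBSD's code: a receiver-side classification of an incoming ACK number against what has actually been sent, using wraparound-safe comparison. RFC 793's rule for an ACK of unsent data is to reply with an ACK and drop the segment; the counter and the `desync_suspected` threshold policy are hypothetical additions for passive logging, and all struct and function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Modular 32-bit sequence comparison, so the check survives wraparound. */
#define SEQ_GT(a, b)  ((int32_t)((a) - (b)) > 0)
#define SEQ_LEQ(a, b) ((int32_t)((a) - (b)) <= 0)

enum ack_class { ACK_OLD, ACK_OK, ACK_UNSENT };

/* Sender-side state (field names are this example's, after RFC 793 usage). */
struct snd_state {
    uint32_t snd_una;     /* oldest unacknowledged sequence number */
    uint32_t snd_max;     /* one past the highest sequence number sent */
    unsigned unsent_acks; /* ACKs seen for data that was never sent */
};

/* Classify an incoming ACK number against what we have actually sent. */
enum ack_class classify_ack(struct snd_state *s, uint32_t seg_ack)
{
    if (SEQ_GT(seg_ack, s->snd_max)) {
        s->unsent_acks++;      /* hypothetical passive-logging hook */
        return ACK_UNSENT;     /* RFC 793: answer with an ACK, drop segment */
    }
    if (SEQ_LEQ(seg_ack, s->snd_una))
        return ACK_OLD;        /* duplicate or stale ACK */
    s->snd_una = seg_ack;      /* new data acknowledged */
    return ACK_OK;
}

/* Hypothetical policy: a burst of such ACKs marks the connection suspect. */
int desync_suspected(const struct snd_state *s, unsigned threshold)
{
    return s->unsent_acks >= threshold;
}

int main(void)
{
    /* Constructed values: A has sent 7 bytes starting at X = 1000. */
    struct snd_state a = { 1000, 1007, 0 };
    printf("ack X+7  -> %d\n", classify_ack(&a, 1007));
    printf("ack X+20 -> %d\n", classify_ack(&a, 1020));
    printf("suspect  -> %d\n", desync_suspected(&a, 1));
    return 0;
}
```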