In some email I received from C. Harald Koch, Sie wrote:
[...]
> systems that have been placed into TCP over the years. FTP is just fine
> on modern IP systems, since network transients don't tear down a TCP
> connection anymore (That was a BSD bug, and has slowly been eradicated).
Ahem. Of all the Unixes I know, NetBSD has it fixed. Everything based on
4.3BSD is flawed (there being a patch for SunOS to help) and this includes
a very large range of Unix variants. Also there is a bug in NET-2 (fixed
for NetBSD).
> Apparently, FSP has started causing problems already on some slower IP
> links, since it doesn't do any congestion control. It's only a matter of
> time before the larger network providers notice it, and take steps.
>
> From a security point of view, it's like any other UDP service, i.e.
> impossible to control. :-)
But also impossible to monitor... how can a network provider determine
what portion of traffic is being used for FSP if there is no fixed port
number? And then, what effective action can they take? If you run
FSP on an NFSless machine you can use port 2049, what now?
Darren