I'd doubt it, as I'd think TCP implementation being used is the one in the OS kernel, and I'm pretty sure there aren't any knobs you can switch on to get TCP to be unreliable and not to opmitimise it's behaviour for the available network capacity. Having those knobs would defeat the fundamental purposes of TCP. UDP is the appropriate protocol for applications to use if they don't want TCP's features.

The only option might be to implement "UDP" using TCP packets i.e. have SSH custom build packets that look like TCP, but not actually implement any of the TCP algorithms. The benefit would be that most firewalls probably don't watch TCP's algorithm's in action, and therefore would allow existing ssh permitting setups to work. There may be firewalls out there that do that TCP checking though, so the "UDP" in TCP technique may not be 100% guaranteed to work.



[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/375/32904#32904