I was reading the entry for TCP at Wikipedia; one thing that caught my attention is the description of Out of Band data. The verbatim description:
"You are able to interrupt or abort the queued stream instead of waiting for the stream to finish. This is done by specifying the data as urgent. This will tell the receiving program to process it immediately, along with the rest of the urgent data. When finished, TCP informs the application and resumes back to the stream queue. An example is when TCP is used for a remote login session, the user can send a keyboard sequence that interrupts or aborts the program at the other end. These signals are most often needed when a program on the remote machine fails to operate correctly. The signals must be sent without waiting for the program to finish its current transfer."
I find the description lacking considering a whole Chapter is dedicated to it in the book UNIX® Network Programming. Extensive discourse for Out of Band data can also be found in the book TCP/IP Illustrated.
OOB data abuse made the news back in 1997 with the DoS tool WinNuke affecting at least Windows 95 and NT. An OOB-related bug is CVE-1999-1214, with OpenBSD's advisory. Also, who can miss "Delivering Signals for Fun and Profit", where Zalewski discussed remote exploitation of signal delivery in WU-FTPD's case? And there's using OOB data for IDS evasion. Have we seen the last of OOB abuse?
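The IDS-evasion concern comes from ambiguity: the urgent byte may be read inline or out of band, and stacks disagree on whether the urgent pointer names the urgent byte itself (RFC 1122) or the byte after it (BSD-derived behaviour, documented in RFC 6093). As an added example, not code from this post, the Python below rebuilds every stream a receiving application might read so a sensor can match against all of them. The `Segment` type, the function names and the sample data are assumptions made for illustration, and it assumes contiguous segments with no retransmissions.

```python
from dataclasses import dataclass

URG = 0x20  # URG bit in the TCP flags byte

@dataclass
class Segment:
    seq: int        # sequence number of the first payload byte
    flags: int      # TCP flags byte
    urg_ptr: int    # urgent pointer field, an offset from seq
    payload: bytes

def urgent_offset(seg, base, rfc1122):
    # RFC 1122: the pointer names the urgent byte itself.
    # BSD-derived stacks (see RFC 6093): it names the byte after it.
    return seg.seq - base + seg.urg_ptr - (0 if rfc1122 else 1)

def candidate_streams(segments):
    """Return each byte stream the receiving application might read."""
    segs = sorted(segments, key=lambda s: s.seq)
    base = segs[0].seq
    inline = b"".join(s.payload for s in segs)  # receiver set SO_OOBINLINE
    views = {"inline": inline}
    for name, rfc1122 in (("oob_bsd", False), ("oob_rfc1122", True)):
        data = bytearray(inline)
        # Without SO_OOBINLINE the urgent byte leaves the normal stream.
        marks = {urgent_offset(s, base, rfc1122) for s in segs if s.flags & URG}
        for off in sorted(marks, reverse=True):  # delete from the end first
            if 0 <= off < len(data):
                del data[off]
        views[name] = bytes(data)
    return views

def matching_views(segments, signature):
    """Names of the candidate streams that contain the signature."""
    views = candidate_streams(segments)
    return sorted(n for n, v in views.items() if signature in v)

# Constructed sample (not captured traffic): the second segment sets URG.
SAMPLE = [
    Segment(1000, 0x18, 0, b"ALER"),
    Segment(1004, 0x18 | URG, 1, b"!TME now"),
]

if __name__ == "__main__":
    for name, stream in candidate_streams(SAMPLE).items():
        print(f"{name:12} {stream!r}")
    print("signature seen in:", matching_views(SAMPLE, b"ALERTME"))
```

A sensor that inspects only the inline stream misses the signature here, which is why normalisers either evaluate every view or alert on the URG flag itself.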