|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: tcp,guardent,bellovin
On Mon, 12 Mar 2001, Steven M. Bellovin wrote: > > In message <[email protected]>, Rafi Sa > dowsky writes: > > > > Hi > > > > Is there anything actually new in this exploit compared to the known TCP > >hijacking vulnerabilities as portrayed say in Phrack 50(Juggernaut) ? > > Juggernaut requires eavesdropping; this one doesn't. No eavesdropping at all ? how can a TCP connection be hijacked if you're not on the connection path? (Or capable of diverting the connection past you - breaking routers/source_routing/<whatever>.... ) > > --Steve Bellovin, http://www.research.att.com/~smb > Thanks Rafi > >
|