North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: TCP RST attack (the cause of all that MD5-o-rama)

  • From: Valdis.Kletnieks
  • Date: Tue Apr 20 17:04:07 2004

On Tue, 20 Apr 2004 15:40:38 EDT, "Patrick W.Gilmore" said:

> Assuming a well randomized starting sequence number (just give me this 
> one for the moment),

Nope.  I won't give you that one, because that's a big chunk of the
problem:

http://lcamtuf.coredump.cx/newtcp/ (one year later)
http://razor.bindview.com/publish/papers/tcpseq.html  (original paper)

It seems that Cisco has its act mostly together, but a *LOT* of other
vendors don't, even a year after...

Attachment: pgp00016.pgp
Description: PGP signature