North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Massive stupidity (Was: Re: TCP vulnerability)
On Tue, 20 Apr 2004, Richard A Steenbergen wrote: > Anyone who seriously wanted to protect against this attack could easily > deploy RST rate limits against their management interfaces, rather than > run around trying to set up MD5 with every peer. As a long term > improvement, a random ephemeral port selection process could be used. Insufficient to completely protect against the identified vulnerabilities. Please continue reading.
|