North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Consumers of Broadband Providers (ISP) may be open to hijack attacks (fwd)

  • From: Per Heldal
  • Date: Wed Jul 19 04:29:15 2006

What's new here?

Attack-vectors for session-hijacking has been thoroughly discussed
elsewhere, so there's no reason to repeat that here. But ....

On Wed, 19 Jul 2006 02:02:20 -0500 (CDT), "Gadi Evron" <[email protected]>
said:
[snip]
> >Description:
> 	Some ISP networks do not reset open TCP connections of customers that
> were either cut-off by the ISP or cut off by self-initiation.  While it
> is 
> responsibility of every person to terminate every open connection before
> link termination, when the ISP initiates this, it cannot be guaranteed. 

You've got far more serious problems than session hijacking to worry
about if your network permit an attacker to monitor who/when/where
people are disconnected or to kick users off the network at will as
would be required to succeed.



Besides, to which extent do broadband networks:

- permit users to choose their own address?

- immediately reuse an address for an other user (unless the pool is
exhausted)?


 //Per
-- 
  Per Heldal
  http://heldal.eml.cc/