1 |
On Wednesday 21 April 2004 08:17 am, Yves Younan wrote: |
2 |
> On Tue, 2004-04-20 at 23:18, Florian Weimer wrote: |
3 |
> > Yes, indeed. IRC is another likely victim. |
4 |
> |
5 |
> For IRC you'd need to guess the source port too. The window reduces the |
6 |
> combinations one must use to get a correct sequence number, but the way |
7 |
> the source port is chosen still makes this attack rather hard. |
8 |
> As such I don't see what the fuss is about, this is a known problem, see |
9 |
> the article |WARL0RD| wrote in 2001: |
10 |
> http://www.nologin.org/Downloads/Papers/tcp-brute-reset.txt |
11 |
|
12 |
not to mention utilities to do this have existed for a *long* time ... |
13 |
ive seen ones that'll just send ICMP packets, one for each possible port, |
14 |
until the person gets kicked off |
15 |
-mike |
16 |
|
17 |
-- |
18 |
gentoo-security@g.o mailing list |