Gentoo Archives: gentoo-security

From: Daniel Brandt <daniel.brandt@××××.se>
To: gentoo-security@l.g.o
Subject: Re: Re: [gentoo-security] TCP vulnerability
Date: Thu, 22 Apr 2004 06:38:49
Message-Id: 1082615662.3fc47d40daniel.brandt@home.se
1 It sure looks like another silly attempt to make a name in the security industry by publishing old research; profiting on the community if you will.
2
3 Nothing new, only the same thing that has been pushing more and more people to not release their research to the public.
4
5 // Daniel
6
7 -----Original Message-----
8 From: Mike Frysinger <vapier@g.o>
9 To: gentoo-security@l.g.o
10 Date: Wed, 21 Apr 2004 19:10:10 -0400
11 Subject: Re: [gentoo-security] TCP vulnerability
12
13 On Wednesday 21 April 2004 08:17 am, Yves Younan wrote:
14 > On Tue, 2004-04-20 at 23:18, Florian Weimer wrote:
15 > > Yes, indeed. IRC is another likely victim.
16 >
17 > For IRC you'd need to guess the source port too. The window reduces the
18 > combinations one must use to get a correct sequence number, but the way
19 > the source port is chosen still makes this attack rather hard.
20 > As such I don't see what the fuss is about, this is a known problem, see
21 > the article |WARL0RD| wrote in 2001:
22 > http://www.nologin.org/Downloads/Papers/tcp-brute-reset.txt
23
24 not to mention utilities to do this have existed for a *long* time ...
25 ive seen ones that'll just send ICMP packets, one for each possible port,
26 until the person gets kicked off
27 -mike
28
29 --
30 gentoo-security@g.o mailing list
31
32
33
34
35
36 --
37 gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] TCP vulnerability Devon <devon@×××××.org>