1 |
It sure looks like another silly attempt to make a name in the security industry by publishing old research; profiting on the community if you will. |
2 |
|
3 |
Nothing new, only the same thing that has been pushing more and more people to not release their research to the public. |
4 |
|
5 |
// Daniel |
6 |
|
7 |
-----Original Message----- |
8 |
From: Mike Frysinger <vapier@g.o> |
9 |
To: gentoo-security@l.g.o |
10 |
Date: Wed, 21 Apr 2004 19:10:10 -0400 |
11 |
Subject: Re: [gentoo-security] TCP vulnerability |
12 |
|
13 |
On Wednesday 21 April 2004 08:17 am, Yves Younan wrote: |
14 |
> On Tue, 2004-04-20 at 23:18, Florian Weimer wrote: |
15 |
> > Yes, indeed. IRC is another likely victim. |
16 |
> |
17 |
> For IRC you'd need to guess the source port too. The window reduces the |
18 |
> combinations one must use to get a correct sequence number, but the way |
19 |
> the source port is chosen still makes this attack rather hard. |
20 |
> As such I don't see what the fuss is about, this is a known problem, see |
21 |
> the article |WARL0RD| wrote in 2001: |
22 |
> http://www.nologin.org/Downloads/Papers/tcp-brute-reset.txt |
23 |
|
24 |
not to mention utilities to do this have existed for a *long* time ... |
25 |
ive seen ones that'll just send ICMP packets, one for each possible port, |
26 |
until the person gets kicked off |
27 |
-mike |
28 |
|
29 |
-- |
30 |
gentoo-security@g.o mailing list |
31 |
|
32 |
|
33 |
|
34 |
|
35 |
|
36 |
-- |
37 |
gentoo-security@g.o mailing list |