Gentoo Archives: gentoo-security

From: Mike Frysinger <vapier@g.o>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] TCP vulnerability
Date: Wed, 21 Apr 2004 23:10:51
Message-Id: 200404211910.10094.vapier@gentoo.org
In Reply to: Re: [gentoo-security] TCP vulnerability by Yves Younan
1 On Wednesday 21 April 2004 08:17 am, Yves Younan wrote:
2 > On Tue, 2004-04-20 at 23:18, Florian Weimer wrote:
3 > > Yes, indeed. IRC is another likely victim.
4 >
5 > For IRC you'd need to guess the source port too. The window reduces the
6 > combinations one must use to get a correct sequence number, but the way
7 > the source port is chosen still makes this attack rather hard.
8 > As such I don't see what the fuss is about, this is a known problem, see
9 > the article |WARL0RD| wrote in 2001:
10 > http://www.nologin.org/Downloads/Papers/tcp-brute-reset.txt
11
12 not to mention utilities to do this have existed for a *long* time ...
13 ive seen ones that'll just send ICMP packets, one for each possible port,
14 until the person gets kicked off
15 -mike
16
17 --
18 gentoo-security@g.o mailing list