1 |
On Tue, 2004-04-20 at 23:18, Florian Weimer wrote: |
2 |
> Yes, indeed. IRC is another likely victim. |
3 |
For IRC you'd need to guess the source port too. The window reduces the |
4 |
combinations one must use to get a correct sequence number, but the way |
5 |
the source port is chosen still makes this attack rather hard. |
6 |
As such I don't see what the fuss is about, this is a known problem, see |
7 |
the article |WARL0RD| wrote in 2001: |
8 |
http://www.nologin.org/Downloads/Papers/tcp-brute-reset.txt |
9 |
|
10 |
- YY |
11 |
They that give up essential liberty to obtain a little temporary safety |
12 |
deserve neither liberty nor safety. |
13 |
- Benjamin Franklin |