Assuming that he do not know port number and must try 20 - 40 ports, it
takes 200 * 10 = 2000 seconds to resert a single session... Useless except a
very special cases 9such as a big community decided to knock down SCO, for
example).
At 05:09 PM 20/04/2004, Richard A Steenbergen wrote:
Since no one's mentioned it yet, apparently there was a change in plans.
It was just released a day early.
http://story.news.yahoo.com/news?tmpl=storycid=528e=1u=/ap/20040420/ap_on_hi_te/internet_threat
And the official one:
http://www.uniras.gov.uk/vuls/2004/236929/index.htm
Grant
--
Grant
NISCC Vulnerability Advisory 236929Vulnerability Issues in TCPVersion Information Advisory Reference 236929 Release Date 20 April 2004 Last Revision 20 April 2004 Version Number 1.0 What is Affected?The vulnerability described in this advisory affects implementations of the Transmission Control
In message [EMAIL PROTECTED]you write:
Since no one's mentioned it yet, apparently there was a change in plans.
It was just released a day early.
This is because of the story at http://www.washingtonpost.com/, in the
Technology section.
Thanks,
..Aviva
On Tue, 20 Apr 2004, tad pedley wrote:
Although denial of service using crafted TCP packets is a well known
weakness of TCP, until recently it was believed that a successful
denial of service attack was not achievable in practice. The reason
for this is that the receiving TCP implementation
On 20 Apr 2004, at 13:59, Aviva Garrett wrote:
In message [EMAIL PROTECTED]you
write:
Since no one's mentioned it yet, apparently there was a change in
plans.
It was just released a day early.
This is because of the story at http://www.washingtonpost.com/, in the
Technology section.
I suggest
Hi,
For those not helped too much the MD5 Signature Option, this
i-d addresses the attacks in the Watson paper (it was meant to
come out just when the advisory came out, but they jumped the gun).
There are implementations in *xes and router OSes - more info
from those sources.
Allison
On Tue, Apr 20, 2004 at 10:36:48AM -0700, Grant A. Kirkwood wrote:
Since no one's mentioned it yet, apparently there was a change in plans.
It was just released a day early.
http://story.news.yahoo.com/news?tmpl=storycid=528e=1u=/ap/20040420/ap_on_hi_te/internet_threat
And the official
I suggest an extensive late-night BOF in San Francisco in the bar to
discuss the mechanics of adding MD5 keys to all your sessions in 48
hours. Evidence of RSI and eyesight failure will be mandatory
for those who prefer to be keyboard monkeys all their lives instead
of building tools to
On Tue, 20 Apr 2004, Richard A Steenbergen wrote:
Anyone who seriously wanted to protect against this attack could easily
deploy RST rate limits against their management interfaces, rather than
run around trying to set up MD5 with every peer. As a long term
improvement, a random ephemeral
On 20 Apr 2004, at 17:37, Randy Bush wrote:
I suggest an extensive late-night BOF in San Francisco in the bar to
discuss the mechanics of adding MD5 keys to all your sessions in 48
hours. Evidence of RSI and eyesight failure will be mandatory
for those who prefer to be keyboard monkeys all
I suggest an extensive late-night BOF in San Francisco in the bar to
discuss the mechanics of adding MD5 keys to all your sessions in 48
hours. Evidence of RSI and eyesight failure will be mandatory
for those who prefer to be keyboard monkeys all their lives instead
of building tools
On Tue, 20 Apr 2004, Joe Abley wrote:
I suggest an extensive late-night BOF in San Francisco in the bar to
discuss the mechanics of adding MD5 keys to all your sessions in 48
hours.
Zeitgeist at 7pm or the Toronado at 9pm?
At 05:09 PM 20/04/2004, Richard A Steenbergen wrote:
party to know which side won the collision handling. Therefore you need
262144 packets * 3976 ephemeral ports (assuming both sides are jnpr, again
worst case) * 2 (to figure out who was the connecter and who was the
accepter) = 2084569088
On Apr 20, 2004, at 9:23 PM, Mike Tancsa wrote:
At 05:09 PM 20/04/2004, Richard A Steenbergen wrote:
party to know which side won the collision handling. Therefore you
need
262144 packets * 3976 ephemeral ports (assuming both sides are jnpr,
again
worst case) * 2 (to figure out who was the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2004-04-20, at 23.09, Richard A Steenbergen wrote:
but the massive amount of confusion,
rumor, and worry which the major router vendors (Cisco and Juniper)
created by essentially rediscovering the god damn spec and then telling
only their
16 matches
Mail list logo
