Neil Schroeder writes: > I would like to respond in a generic and sweeping way - having not read in > the detail Bob layed out for us required to fully analyze the situation - > to the notion that circuit level access or prior topological knowledge is > required to exploit this or any other spoofing attack. On a corporation or > education network, I could generate such malformed packets with almost no > effort as long as i had my Mac or a similarly not-windows device, or access > to one. I estimate it'd take less than 5 minutes for me to do for the > majority of targets - which means any motivated party could within an hour > or two. I'm not warranting I would succeed - hopefully there would be a > real firewall SOMEWHERE in the path from the open internet to a real > physical host.
I invite you to take 5-15 minutes' time and find out. I won't ask you to (and I hope you don't) publish too much information on what you find out, because that initial hurdle is "big enough" to keep the majority of miscreants at bay. However, give a tool to a script-kiddie... But please do take a bit of time and try to implement this attack. Once you are there, I'd appreciate any suggestions hou might have regarding mitigation. -- Harlan Stenn <[email protected]> http://networktimefoundation.org - be a member! _______________________________________________ time-nuts mailing list -- [email protected] To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
