Date: Tue, 20 Apr 2004 20:26:17 +0200 From: des@des.no (=?iso-8859-1?q?Dag-Erling_Sm=F8rgrav?=) To: Dragos Ruiu <dr@kyx.net> Cc: freebsd-security@freebsd.org Subject: Re: TCP RST attack Message-ID: <xzp65buh5fa.fsf@dwp.des.no> In-Reply-To: <200404201113.27737.dr@kyx.net> (Dragos Ruiu's message of "Tue, 20 Apr 2004 11:13:27 -0700") References: <6.0.3.0.0.20040420125557.06b10d48@209.112.4.2> <xzphdve35oa.fsf@dwp.des.no> <200404201113.27737.dr@kyx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Dragos Ruiu <dr@kyx.net> writes: > On April 20, 2004 10:44 am, Dag-Erling Sm=F8rgrav wrote: > > The advisory grossly exaggerates the impact and severity of this > > fea^H^H^Hbug. The attack is only practical if you already know the > > details of the TCP connection you are trying to attack, or are in a > > position to sniff it. > This is not true. The attack does not require sniffing. You need to know the source and destination IP and port. In most cases, this means sniffing. BGP is easier because the destination port is always 179 and the source and destination IPs are recorded in the whois database, but you still need to know the source port. DES --=20 Dag-Erling Sm=F8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp65buh5fa.fsf>