Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 7 Oct 95 21:52 PDT
From:      pete@puffin.pelican.com (Pete Carah)
To:        julian@ref.tfs.com
Cc:        hackers@freebsd.org
Subject:   Re: TCP/IP Spoofing etc.
Message-ID:  <m0t1niT-0000ReC@puffin.pelican.com>
In-Reply-To: <199510072005.NAA11885@ref.tfs.com>

next in thread | previous in thread | raw e-mail | index | archive | help
In article <199510072005.NAA11885@ref.tfs.com> you write:

>I have to explain to someone the possible problems
>that might be encountered by using old software on a 
>machine in the internet.

>One thing that came to mind is that it's possible this role
>might include some 'firewall' type duties.

I don't know about these unless it makes use of single-packet
TTCP...

>(p.s. I need this info pretty quickl (as per normal))

>(I.P.Spoofing is another thing I'm sorta curious about..
>I guess there may be CERT notes on these right?)

Steve Bellovin (Bell Labs) is the reference I remember; there are several
others.  I've modified several FreeBSD kernels to foil the sequence-number
attack (but one wants a better system than mine to do it "right"; if I
let out how I did it it wouldn't work.)

(Nice to have access to the source :-)

>(got a cert URL?)

ftp.cert.org.  I don't know about a web server but it would have the
obvious name if it exists.  Their reports are purposely obscured (but at
least tell you that attacks exist); for more detail see 8lgm and other
stuff in comp.security.unix and comp.security.misc.

The latest cert report was a summary of the 'announced' bugs which are
still outstanding on popular systems...  I don't know which ones we are
susceptible to; we are using the latest (or next-latest) sendmail which
has plugged many of them.

-- Pete



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m0t1niT-0000ReC>