Date: Sat, 7 Oct 95 21:52 PDT From: pete@puffin.pelican.com (Pete Carah) To: julian@ref.tfs.com Cc: hackers@freebsd.org Subject: Re: TCP/IP Spoofing etc. Message-ID: <m0t1niT-0000ReC@puffin.pelican.com> In-Reply-To: <199510072005.NAA11885@ref.tfs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <199510072005.NAA11885@ref.tfs.com> you write: >I have to explain to someone the possible problems >that might be encountered by using old software on a >machine in the internet. >One thing that came to mind is that it's possible this role >might include some 'firewall' type duties. I don't know about these unless it makes use of single-packet TTCP... >(p.s. I need this info pretty quickl (as per normal)) >(I.P.Spoofing is another thing I'm sorta curious about.. >I guess there may be CERT notes on these right?) Steve Bellovin (Bell Labs) is the reference I remember; there are several others. I've modified several FreeBSD kernels to foil the sequence-number attack (but one wants a better system than mine to do it "right"; if I let out how I did it it wouldn't work.) (Nice to have access to the source :-) >(got a cert URL?) ftp.cert.org. I don't know about a web server but it would have the obvious name if it exists. Their reports are purposely obscured (but at least tell you that attacks exist); for more detail see 8lgm and other stuff in comp.security.unix and comp.security.misc. The latest cert report was a summary of the 'announced' bugs which are still outstanding on popular systems... I don't know which ones we are susceptible to; we are using the latest (or next-latest) sendmail which has plugged many of them. -- Pete
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m0t1niT-0000ReC>