Text only | Text with Images

Valhalla Legends Archive

General => General Discussion => Topic started by: Stealth on April 20, 2004, 02:40 PM

Title: TCP Vulnerability
Post by: Stealth on April 20, 2004, 02:40 PM
There has apparently been discovered a vulnerability in the TCP protocol. (SlashDot readers will know this fairly soon if they don't already. ;) )

US-CERT document:
http://cert.gov/cas/techalerts/TA04-111A.html

British NISCC Vulnerability Advisory:
http://www.uniras.gov.uk/vuls/2004/236929/index.htm

This could get ugly. (Could this get ugly?)
Title: Re:TCP Vulnerability
Post by: Banana fanna fo fanna on April 20, 2004, 02:50 PM
I thought guessing sequence numbers was an old thing?
Title: Re:TCP Vulnerability
Post by: iago on April 20, 2004, 02:59 PM
Quote from: St0rm.iD on April 20, 2004, 02:50 PM
I thought guessing sequence numbers was an old thing?

If that's the same thing I recently read, it can be done without guessing sequence numbers.  All you need to know is the source/dest port/ip.
Title: Re:TCP Vulnerability
Post by: iago on April 20, 2004, 03:01 PM
Quote from: Stealth on April 20, 2004, 02:40 PM
This could get ugly. (Could this get ugly?)

I don't think so, from what I've seen you rarely know the necessary ports, and even if you do most connections could be remade anyway.  I don't see this being much of a problem.
Title: Re:TCP Vulnerability
Post by: Stealth on April 21, 2004, 12:13 AM
Ah well. It's newsworthy, anyways. =)
Text only | Text with Images