Re: TCP RST attack
From: Dag-Erling Smørgrav (des_at_des.no)
Date: 04/20/04
- Previous message: Dragos Ruiu: "Re: TCP RST attack"
- In reply to: Dragos Ruiu: "Re: TCP RST attack"
- Next in thread: Mike Tancsa: "Re: TCP RST attack"
- Reply: Mike Tancsa: "Re: TCP RST attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Dragos Ruiu <dr@kyx.net> Date: Tue, 20 Apr 2004 20:26:17 +0200
Dragos Ruiu <dr@kyx.net> writes:
> On April 20, 2004 10:44 am, Dag-Erling Smørgrav wrote:
> > The advisory grossly exaggerates the impact and severity of this
> > fea^H^H^Hbug. The attack is only practical if you already know the
> > details of the TCP connection you are trying to attack, or are in a
> > position to sniff it.
> This is not true. The attack does not require sniffing.
You need to know the source and destination IP and port. In most
cases, this means sniffing. BGP is easier because the destination
port is always 179 and the source and destination IPs are recorded in
the whois database, but you still need to know the source port.
DES
-- Dag-Erling Smørgrav - des@des.no _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Dragos Ruiu: "Re: TCP RST attack"
- In reply to: Dragos Ruiu: "Re: TCP RST attack"
- Next in thread: Mike Tancsa: "Re: TCP RST attack"
- Reply: Mike Tancsa: "Re: TCP RST attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
