Re: [Full-disclosure] ICMP Security Vulnerabilities - NEW (cough)

• Previous message: Kornbrust, Alexander: "[Full-disclosure] Silently fixed security bugs in Oracle Critical Patch Update July 2005"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 14 Jul 2005 12:58:22 -0700
To: full-disclosure@lists.grok.org.uk

Vic,

Maybe you need to read (not skim) Fernando's draft?
The title is "ICMP Attacks Against TCP", and let me
emphasize the TCP part.

I find it interesting that you've gone through the
trouble of writing a 10 page email in which you
seem to be claiming partial credit for someone else's
work, but you have not bothered to include any
references to substantiate your claims, other than
a mailing list you can't remember, some private
conversations on a tangentially related subject
you've had with associates over the years, and your
newbie ICMP guide.

Unfortunately your email adds nothing new to the
discussion and only shows that you did not take the
time to understand the draft, nor the fixes that have
been implemented in OpenBSD and Linux.

Now, regarding your guide to ICMP filtering. First,
your guide says nothing about the blind ICMP attacks
against TCP in Fernando's paper. Your guide appears
to be a summary of other information (including guides
and published exploits) available well before 1994
(including, for god's sake, the "Security Considerations"
sections of RFC's published in 1990 and even earlier).

In addition, some of the advice in your guide is
dangerous for basically anyone other than home users
sitting behind a firewall. This, too, was widely
known before your guide was published.

You need to hit the books.

        -Chad Loder
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

• Previous message: Kornbrust, Alexander: "[Full-disclosure] Silently fixed security bugs in Oracle Critical Patch Update July 2005"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages [Full-disclosure] Revised draft on ICMP attacks ... I have published a revision of my draft on ICMP attacks against TCP. ... (Full-Disclosure) Revised draft on ICMP attacks ... I have published a revision of my draft on ICMP attacks against TCP. ... (Bugtraq) Revised draft on ICMP attacks against TCP ... I have published a revision of my draft on ICMP attacks against TCP. ... (Security-Basics) RE: [Full-disclosure] Revised paper on "ICMP attacks against TCP" ... Revised paper on "ICMP attacks against TCP" ... Hosted and sponsored by Secunia - http://secunia.com/ ... (Full-Disclosure) ICMP attacks against TCP ... Has anyone seen the recently published IETF draft regarding ICMP attacks ... I'm interested in any comments as to the vulnerability of FreeBSD's TCP ... Steve Zweep ... (FreeBSD-Security)