On or around Mon, Mar 12, 2001 at 09:50:08AM -0500, Steven M. Bellovin may have written:
In message <87hf0z59qe.fsf@lackawana.kippona.com>, Chris Beggy writes:
tcp,guardent,bellovin are all mentioned in a WSJ article on DOS and session hijacking, but I don't see anything on CERT yet.
Any details? Any incidents using the exploit guardent has identified?
Not to my knowledge...
The folks at Guardent are talking to CERT and to various vendors about the problem before releasing any details.
--Steve Bellovin, http://www.research.att.com/~smb
so WSJ is considered a vendor these days? -- Scott Francis scott@ [work:] v i r t u a l i s . c o m Systems Analyst darkuncle@ [home:] d a r k u n c l e . n e t PGP fingerprint 7ABF E2E9 CD54 A1A8 804D 179A 8802 0FBA CB33 CCA7 illum oportet crescere me autem minui