Dima Volodin wrote:
Now can I hold my breath waiting for vendors to incorporate this stuff into their products? Has anybody heard anything from Sun on this matter? The latest word going out from their SunService center is that
their engineers are working on it. The cust. support reps at least seemed to know what it was right off (which means lots of people have been calling about it) I've been monkeying about with the ndd settings, but I've had a hard time getting the exploit code to work. Both neptune (phrack) and the 2600 code both send the SYN packets (after some work) but a sniffer shows that both of these don't correctly spoof the IP address, so RSTs follow the reply. Does anyone have _simple_ working exploit code for any platform? I'm going to go ahead and implement the ndd fix, but I'd sure as heck like to know how much it fixes it. allan allan@bellsouth.net