Re: tcp,guardent,bellovin - Test - lists.nanog.org

newer
Re: tcp,guardent,bellovin

Re: tcp,guardent,bellovin

older
Re: tcp,guardent,bellovin

Steven M. Bellovin

12 Mar 2001 12 Mar '01

12:29 p.m.

In message <Pine.GSO.4.31.0103121911520.9269-100000@meron.openu.ac.il>, Rafi Sa dowsky writes:

Hi

Is there anything actually new in this exploit compared to the known TCP hijacking vulnerabilities as portrayed say in Phrack 50(Juggernaut) ?

Juggernaut requires eavesdropping; this one doesn't. --Steve Bellovin, http://www.research.att.com/~smb

Reply

Sign in to reply online Use email software

Show replies by date

Rafi Sadowsky

12 Mar 12 Mar

10:12 p.m.

New subject: tcp,guardent,bellovin

On Mon, 12 Mar 2001, Steven M. Bellovin wrote:

In message <Pine.GSO.4.31.0103121911520.9269-100000@meron.openu.ac.il>, Rafi Sa dowsky writes:

...
Hi

Is there anything actually new in this exploit compared to the known TCP hijacking vulnerabilities as portrayed say in Phrack 50(Juggernaut) ?

Juggernaut requires eavesdropping; this one doesn't.

No eavesdropping at all ? how can a TCP connection be hijacked if you're not on the connection path? (Or capable of diverting the connection past you - breaking routers/source_routing/<whatever>.... )

--Steve Bellovin, http://www.research.att.com/~smb

Thanks Rafi

Reply

Sign in to reply online Use email software

8689

Age (days ago)

8690

Last active (days ago)

Download

1 comments

2 participants

tags

participants (2)

Rafi Sadowsky
Steven M. Bellovin