Bugtraq mailing list archives

Tcp Seq Vendor Update

From: cklaus () iss net (Christopher Klaus)
Date: Tue, 7 Feb 1995 10:47:39 +1494730 (PST)


Atleast 2 vendors I know of are planning on coming out with patches for 
TCP Sequence spoofing.  It helps, but it won't help secure your whole net,
if only 2 types of Unix machines can be patched and the rest are open
to attack.  And I hope everyone realizes that it only takes one
insecure machine on the net to easily compromise the rest of your network.

You still may want to contact your own Unix vendors and see if they plan on
coming out with patches.  Maybe if they see enough interest, they will devote
some resources to fixing a 10 year old security problem.

PS.  Infoworld (Jan 30th, Page 78, 85) last week had an article on
comparing various Internet server machines and Firewalls. 

Cheers,
Christopher
-- 
Christopher William Klaus       Voice: (404)441-2531. Fax: (404)441-2431
Internet Security Systems, Inc.         Computer Security Consulting
2000 Miller Court West, Norcross, GA 30071

Current thread:

Tcp Seq Vendor Update Christopher Klaus (May 25)
- Re: Tcp Seq Vendor Update Paul 'Shag' Walmsley (Feb 07)