Firewall Wizards mailing list archives

Re: IP Spoofing.


From: "Paul D. Robertson" <proberts () clark net>
Date: Wed, 29 Sep 1999 12:01:40 -0400 (EDT)

On Tue, 28 Sep 1999, Randy Witlicki wrote:

  In a prudent setup with both cryptographically strong initial
TCP sequence numbers (you don't need OpenBSD here, but it helps), and
a good security perimeter, you should be immune from the "classic" attack.

Which doesn't make you necessarily immune from spoofing attacks, nor even 
necessarily from blind attacks.  Don't forget that you can spoof UDP as well.

  So, the original poster's boss may be correct, if he is referring to
blind spoofing and he has a strong OS with prudent perimeter security.

And strong applications, and no connections initiated with hosts that 
aren't strong or have strong applications, and the potential attackers can't 
sniff a packet on a compromised host or network, and they don't just happen 
to get a sequence number that's close enough to a guess to flood back a 
response...

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () clark net      which may have no basis whatsoever in fact."
                                                                     PSB#9280


