nanog mailing list archives
Re: Consumers of Broadband Providers (ISP) may be open to hijack attacks (fwd)
From: "Per Heldal" <heldal () eml cc>
Date: Wed, 19 Jul 2006 10:28:09 +0200
What's new here? Attack-vectors for session-hijacking has been thoroughly discussed elsewhere, so there's no reason to repeat that here. But .... On Wed, 19 Jul 2006 02:02:20 -0500 (CDT), "Gadi Evron" <ge () linuxbox org> said: [snip]
Description:Some ISP networks do not reset open TCP connections of customers that were either cut-off by the ISP or cut off by self-initiation. While it is responsibility of every person to terminate every open connection before link termination, when the ISP initiates this, it cannot be guaranteed.
You've got far more serious problems than session hijacking to worry about if your network permit an attacker to monitor who/when/where people are disconnected or to kick users off the network at will as would be required to succeed. Besides, to which extent do broadband networks: - permit users to choose their own address? - immediately reuse an address for an other user (unless the pool is exhausted)? //Per -- Per Heldal http://heldal.eml.cc/
Current thread:
- Consumers of Broadband Providers (ISP) may be open to hijack attacks (fwd) Gadi Evron (Jul 19)
- Re: Consumers of Broadband Providers (ISP) may be open to hijack attacks (fwd) Per Heldal (Jul 19)
- Re: Consumers of Broadband Providers (ISP) may be open to hijack attacks (fwd) Gadi Evron (Jul 19)
- Re: Consumers of Broadband Providers (ISP) may be open to hijack attacks Joe Greco (Jul 19)
- Re: Consumers of Broadband Providers (ISP) may be open to hijack attacks (fwd) Valdis . Kletnieks (Jul 19)
- Re: Consumers of Broadband Providers (ISP) may be open to hijack attacks (fwd) Per Heldal (Jul 19)