Vulnerability Development mailing list archives
Re: TCP Sequence Prediction
From: pmal () SPACE GR (Panagiotis Malakoudis)
Date: Tue, 4 Apr 2000 08:58:34 +0300
I did the following to a new NT box I started installing one by one all the service packs and after each installation I used nmap with OS detection to check to difficulty level as well as the OS detected Here are my results SP4 - Difficulty 3 - Detected as Windows NT4/Win95/Win98 SP5 - Difficulty 20 - Detected as Windows NT4/Win95/Win98 SP6 - Difficulty 2 - Detected as Windows NT4/Win95/Win98 SP6a - Difficulty 4 - Detected as Windows NT4/Win95/Win98 2047 Hotfix - Difficulty 13378 - Detected as Windows NT 4 Server with 2047 hotfixes The prediction difficulty level is now higher (linux is much higher though - about 12497330 with the 2.2.14 kernel) but the OS detection gives you too many info (great job from insecure.org) - this makes the hotfix a possible exploit candidate. Panagiotis Malakoudis Systems Administrator Space Hellas S.A. ----- Original Message ----- From: Rob Lindenbusch <lfcrob () AI ORG> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Monday, April 03, 2000 4:46 AM Subject: Re: TCP Sequence Prediction
SP 6a does not fix the TCP ISN problems. You still need to apply the hotfix. (Or at least I did on a fresh SP6a install). Paul Taylor wrote:On Thu, 30 Mar 2000, Maxime Rousseau wrote:I belive SP6a fixes the TCP sequence prediction issues. if not i am
certain
there is a hotfix for it. In fact, if i remember correctly, the whole
SP6 vs
SP6a deal was about this hotfix not being in... Someone correct me if
i am
wrong here :)One of the major reasons SP6a was released was that SP6 broke Lotus
Notes.
Not a bad thing, IMHO. -p-- Rob Lindenbusch Lead Systems Administrator Access Indiana Information Network E-mail: lfcrob () ai org Phone: (317)233-2378 URL: http://www.state.in.us/
Current thread:
- Re: TCP Sequence Prediction Rob Lindenbusch (Apr 02)
- Re: TCP Sequence Prediction Maxime Rousseau (Apr 03)
- Re: TCP Sequence Prediction Panagiotis Malakoudis (Apr 03)
- Re: TCP Sequence Prediction Philipp Buehler (Apr 04)
- <Possible follow-ups>
- Re: TCP Sequence Prediction Dean Michael Dorman (Apr 03)