Bugtraq mailing list archives
Re: the next generation of nuke.c
From: dorian () oxygen house gov (Dorian Deane)
Date: Fri, 27 Jan 1995 11:02:02 -0500 (EST)
Well, RST is more definitive than FIN, somehow... That said, the attack you cite is harder to carry out than you think. It's easy to guess the next starting sequence number for a connection; it's much harder to know what the sequence number status is of an existing connection unless you're sniffing the wire. You'd also have to know what the client's port number was; again, without sniffing the wire, that's hard to come by, unless one of the two sites has an overly-cooperative SNMP server.
I'm sure I'm confused, but... It seems logical that RST sequence numbers should be ignored. RSTs are usually sent to abort a hosed connection, one in which it is likely the sequence numbers are already out of whack. ???

dorian
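The question raised in this message, as an added example that is not part of the original post: a receiver-side comparison of three ways to treat an incoming RST on an established connection. The function names and sample values are constructed for illustration; the RFC 793 rule (RST valid if its sequence number is in the receive window) and the RFC 5961 rule (exact match on RCV.NXT, otherwise a challenge ACK; published in 2010, long after this thread) are the published ones.

```c
#include <stdint.h>
#include <stdio.h>

/* What a receiver does with a RST that arrives on an established connection. */
enum rst_action { RST_DROP, RST_CHALLENGE_ACK, RST_RESET };

/* True if seq is in [rcv_nxt, rcv_nxt + rcv_wnd); unsigned math handles wraparound. */
static int seq_in_window(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    return (uint32_t)(seq - rcv_nxt) < rcv_wnd;
}

/* Hypothetical policy from the message: act on every RST, ignore its sequence number. */
enum rst_action rst_ignore_seq(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    (void)seq; (void)rcv_nxt; (void)rcv_wnd;
    return RST_RESET;
}

/* RFC 793: a RST is valid if its sequence number is in the receive window. */
enum rst_action rst_rfc793(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (rcv_wnd == 0)                 /* zero window: only RCV.NXT is acceptable */
        return seq == rcv_nxt ? RST_RESET : RST_DROP;
    return seq_in_window(seq, rcv_nxt, rcv_wnd) ? RST_RESET : RST_DROP;
}

/* RFC 5961: reset only on an exact RCV.NXT match; in-window RSTs get a challenge ACK. */
enum rst_action rst_rfc5961(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (seq == rcv_nxt)
        return RST_RESET;
    return seq_in_window(seq, rcv_nxt, rcv_wnd) ? RST_CHALLENGE_ACK : RST_DROP;
}

int main(void)
{
    /* Constructed receiver state near the 2^32 wrap, and constructed RST sequence numbers. */
    const uint32_t rcv_nxt = 0xFFFFFF00u, rcv_wnd = 0x1000u;
    const uint32_t seqs[] = { 0xFFFFFF00u, 0x00000010u, 0x80000000u };
    const char *name[] = { "drop", "challenge-ack", "reset" };

    for (size_t i = 0; i < sizeof seqs / sizeof seqs[0]; i++)
        printf("seq=0x%08x ignore=%s rfc793=%s rfc5961=%s\n", (unsigned)seqs[i],
               name[rst_ignore_seq(seqs[i], rcv_nxt, rcv_wnd)],
               name[rst_rfc793(seqs[i], rcv_nxt, rcv_wnd)],
               name[rst_rfc5961(seqs[i], rcv_nxt, rcv_wnd)]);
    return 0;
}
```

With the sequence check in place, a sender that cannot observe the connection has to land inside the window (RFC 793) or on the exact next expected byte (RFC 5961); without it, knowing the address and port pair is enough.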