Re: Borderware predictable initial TCP

[munkedal () N-M COM (Ulf Munkedal)]

This also applies to Firewall-1 on a Windows NT SP3. Vendor has been
notified some time ago.

Like with HP-UX this is an NT problem, but one could argue that firewall
vendors should replace/strengthen the TCP/IP stack on that platform since
MS hasn't solved TCP seq prediction on NT and it has been known for quite
some time. SP3 helps but it doesn't solve the problem.

Ulf

---
Ulf Munkedal
Partner
Neupart & Munkedal
http://www.n-m.com
Tel +45 7020 6565
Fax +45 7020 6065
Public PGP Key: http://www.n-m.com/pgp/
---
SecureTest
- Vished for Internet-sikkerhed


----------
From:   racer-x () ALTAVISTA NET[SMTP:racer-x () ALTAVISTA NET]
Reply To:       racer-x () ALTAVISTA NET
Sent:   2. september 1998 19:16
To:     BUGTRAQ () netspace org
Subject:        Borderware predictable initial TCP

AFAIK, this problem is not a Firewall-1 problem but a HP-UX problem.



Please respond to Gigi Sullivan <sullivan () SECLAB COM>
To:     BUGTRAQ () NETSPACE ORG
Subject:        Re: Borderware predictable initial TCP sequence numbers



Hello there,

This can be applied also to Firewall-1 (CheckPoint) running on an
HP-UX 10.X series.


bye bye


*************************************************
Racer X

(Unknown to Speed, Racer X is actually his older
brother Rex, who ran away from home years ago)
racer-x () altavista net
*************************************************
------------------------------------------------------------------------
--------
 -------------------------------\r\nGet your free email from
altavista.iname.com