Firewall Wizards mailing list archives
RE: BGP TCP RST Attacks (was:CIsco PIX vulnerable to TCP RST DOS attacks)
From: Gwendolynn ferch Elydyr <gwen () reptiles org>
Date: Wed, 5 May 2004 13:12:51 -0400 (EDT)
On Wed, 5 May 2004, Josh Welch wrote:
The advisories I have seen have made this same statement. However, according to another list I read there are a number of network operators who feel this is not a real threat. A number of them hold that it would be excessively challenging to be able to match up the source-ip:source-port and dest-ip:dest-port and effectively reset a BGP session without generating a large volume of traffic, which should be noticed in and of itself. So, I am wondering what people have been seeing, anyone yet seen evidence of an attempt to exploit this?
Well - in that case, you'd be depending on how truely random the source_ip:source_port and dest_ip:dest_port combinations are. We already know that three of these pieces of information aren't hard to obtain. cheers! ========================================================================== A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now." _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- CIsco PIX vulnerable to TCP RST DOS attacks Ahmed, Balal (May 05)
- <Possible follow-ups>
- Re: CIsco PIX vulnerable to TCP RST DOS attacks Paul D. Robertson (May 05)
- Re: CIsco PIX vulnerable to TCP RST DOS attacks Shimon Silberschlag (May 05)
- RE: CIsco PIX vulnerable to TCP RST DOS attacks Melson, Paul (May 05)
- Re: CIsco PIX vulnerable to TCP RST DOS attacks Mikael Olsson (May 05)
- RE: BGP TCP RST Attacks (was:CIsco PIX vulnerable to TCP RST DOS attacks) Josh Welch (May 05)
- Re: BGP TCP RST Attacks (was:CIsco PIX vulnerable to TCP RST DOS attacks) Chuck Swiger (May 05)
- RE: BGP TCP RST Attacks (was:CIsco PIX vulnerable to TCP RST DOS attacks) Gwendolynn ferch Elydyr (May 05)
- Re: BGP TCP RST Attacks (was:CIsco PIX vulnerable to TCP RST DOS attacks) Henning Brauer (May 06)
- RE: BGP TCP RST Attacks (was:CIsco PIX vulnerable to TCP RST DOS attacks) Josh Welch (May 05)
- RE: CIsco PIX vulnerable to TCP RST DOS attacks Ahmed, Balal (May 05)
- CIsco PIX vulnerable to TCP RST DOS attacks Dario Calia (May 05)