Information Security News mailing list archives

NT4 SP6? MS admits NT has a serious security flaw


From: mea culpa <jericho () DIMENSIONAL COM>
Date: Wed, 8 Sep 1999 19:25:46 -0600

From: "Noonan, Michael D" <michael.d.noonan () intel com>

http://www.planetit.com/techcenters/docs/windows_2000/news/TWB19990826S000

Microsoft Admits NT Has Serious Security Flaw
by Peter Heywood (August 26, 1999)
Data Communications

"We are trying to escalate this further and get it into the Hot Fix
schedule," Gopal adds.

NT SP4 is used in a lot of public-facing e-mail hosts and Web servers.
Individual users need to assess the potential impact of a breach in
security, and decide whether to disable Internet use on NT SP4 servers or
move to non-NT platforms until the problem has been resolved, according to
NTA Monitor.

What is Predictable IP Sequence Numbering? Secure systems are usually
configured so that they'll only accept commands from trusted hosts. They
prevent hackers masquerading as trusted hosts by responding to every
command with a sequence number that must be quoted in the next command.
Hackers can't capture these responses because they're directed at the
trusted host, so they have to guess what the next sequence number will be.
If it's predictable (as in 1, 2, 3, 4, in the simplest case), hackers can
send in a whole string of commands without getting any responses.

For more information, see http://www.nta-monitor.com/news/NT4-SP4.htm

Microsoft has acknowledged a serious security flaw in NT when used with
Service Pack 4 (SP4) -- probably the most commonly deployed version of its
operating system.

The flaw enables hackers to masquerade as trusted hosts to get access to
secure systems, using so-called Predictable IP Sequence Numbering -
something that was identified and fixed in Unix systems several years ago,
according to Richard Thomas, head of Winterfold Datacomm (Guildford, UK),
a networking consultancy.

"It's very sloppy for Microsoft not to have plugged this hole," Thomas
said.

[snip..]

ISN is sponsored by Security-Focus.COM
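
Added example (not part of the original post or the quoted article): a small
audit check for the property the article's sidebar describes, applied to TCP
initial sequence numbers sampled from a host you administer. The function
names, the 16-bit cut-off and the sample values are assumptions made for
illustration.

```python
from math import log2

MOD = 2 ** 32          # TCP sequence numbers are 32-bit and wrap around
WEAK_BITS = 16         # assumed cut-off for "guessable"; not from the article


def isn_deltas(isns):
    """Step between consecutive initial sequence numbers, modulo 2**32."""
    return [(b - a) % MOD for a, b in zip(isns, isns[1:])]


def assess_isns(isns):
    """Return (verdict, search_bits) for ISNs sampled from one host.

    search_bits is log2 of the number of candidate values left to someone
    who knows the previous ISN and the range of steps seen so far.
    """
    if len(isns) < 4:
        raise ValueError("need at least 4 samples to say anything")
    deltas = isn_deltas(isns)
    candidates = max(deltas) - min(deltas) + 1
    bits = log2(candidates)
    if candidates == 1:
        return "predictable", bits      # fixed step: the article's 1, 2, 3, 4 case
    if bits < WEAK_BITS:
        return "weak", bits             # steps jitter inside a narrow window
    return "no-pattern-found", bits     # sample shows no simple counter


# Constructed samples, not captured from any real system.
SAMPLES = {
    "counter": [1000, 1001, 1002, 1003, 1004],
    "counter-wrapping": [MOD - 6, MOD - 2, 2, 6],
    "fixed-step-with-jitter": [100000, 164000, 228010, 292005, 356020],
    "randomised": [0x1A2B3C4D, 0xF0E1D2C3, 0x01234567, 0x89ABCDEF, 0x7FFFFFFF],
}

if __name__ == "__main__":
    for name, isns in SAMPLES.items():
        verdict, bits = assess_isns(isns)
        print(f"{name:24s} {verdict:18s} ~{bits:.1f} bits to search")
```

A "no-pattern-found" verdict on a handful of samples only rules out a simple
counter; it does not show that the generator is unpredictable.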

