nanog mailing list archives

Re: tcp,guardent,bellovin

From: Rafi Sadowsky <rafi-nanog () meron openu ac il>
Date: Mon, 12 Mar 2001 19:18:32 +0200 (IST)



 Hi

 Is there anything actually new in this exploit compared to the known TCP
hijacking vulnerabilities as portrayed say in Phrack 50(Juggernaut) ?

Thanks
        Rafi

-- 
Rafi Sadowsky                                   rafi () oumail openu ac il
Network/System/Security  VoiceMail: +972-3-646-0592   FAX: +972-3-646-0454
       Mangler ( :-)      |  FIRST-REP for ILAN-CERT(CERT () CERT AC IL)
Open University of Israel |  (PGP key -> )  http://telem.openu.ac.il/~rafi

On Mon, 12 Mar 2001, Steven M. Bellovin wrote:


In message <87hf0z59qe.fsf () lackawana kippona com>, Chris Beggy writes:



tcp,guardent,bellovin are all mentioned in a WSJ article on DOS
and session hijacking, but I don't see anything on CERT yet.

Any details? Any incidents using the exploit guardent has
identified?


Not to my knowledge...

The folks at Guardent are talking to CERT and to various vendors about
the problem before releasing any details.

              --Steve Bellovin, http://www.research.att.com/~smb

Current thread:

tcp,guardent,bellovin Chris Beggy (Mar 12)
- <Possible follow-ups>
- Re: tcp,guardent,bellovin Steven M. Bellovin (Mar 12)
  - Re: tcp,guardent,bellovin Rafi Sadowsky (Mar 12)
  - Re: tcp,guardent,bellovin bert hubert (Mar 12)
  - Re: tcp,guardent,bellovin Scott Francis (Mar 12)
- Re: tcp,guardent,bellovin Steven M. Bellovin (Mar 12)
  - Re: tcp,guardent,bellovin Rafi Sadowsky (Mar 12)
    - Re: tcp,guardent,bellovin Jim Duncan (Mar 12)
- Re: tcp,guardent,bellovin Richard A. Steenbergen (Mar 12)
  - Re: tcp,guardent,bellovin bert hubert (Mar 12)
  - Re: tcp,guardent,bellovin Valdis . Kletnieks (Mar 12)
- Re: tcp,guardent,bellovin Steven M. Bellovin (Mar 12)