Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1995_1

Bugtraq archives for 1st quarter (Jan-Mar) 1995: Re: NYT Article this morning

Re: NYT Article this morning

David Kovar (kovarNDA.COM)
Mon, 23 Jan 1995 20:46:20 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Christopher Klaus: "Re: address spoof/no return packets"
Previous message: Mark Crother: "CIAC Advisory F-08: IP Address Spoofing and Hijacked Session Attacks (fwd)"
Next in thread: Valdis.Kletnieksvt.edu: "Re: NYT Article this morning"

> To fully fix the problem will require all the vendors to come out with
> kernel patches to make the TCP sequence numbering difficult to guess, then
> have all the admins apply those patches to all the machines on Internet, 
> and then we will have solved the problem.  (While we are at it, have 
> admins install patches that stop get-root scripts also).  Pretty simple and 
> quick to implement.  <grin>

  I don't have access to the source for the appropriate modules, but it
seems to me that this is a relatively simple change. What am I missing?

-David

Next message: Christopher Klaus: "Re: address spoof/no return packets"
Previous message: Mark Crother: "CIAC Advisory F-08: IP Address Spoofing and Hijacked Session Attacks (fwd)"
Next in thread: Valdis.Kletnieksvt.edu: "Re: NYT Article this morning"