Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1995_1

Bugtraq archives for 1st quarter (Jan-Mar) 1995: Re: Blind IP Spoofing Attacks.

Re: Blind IP Spoofing Attacks.

Timothy Newsham (newshamaloha.net)
Wed, 25 Jan 1995 10:01:06 -1000 (HST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Timothy Newsham: "Re: preventing sequence number guessing"
Previous message: Timothy Newsham: "Re: Blind IP Spoofing Attacks."
In reply to: der Mouse: "Re: Blind IP Spoofing Attacks."
Next in thread: LaCoursiere J. D.: "Re: Blind IP Spoofing Attacks."

> sequence number attacks because UDP doesn't have sequence numbers.  To
> the extent that RPC services are provided over TCP, they are vulnerable
> to the sequence number attack.

But what TCP RPC services could you exploit without seeing return traffic?
The only ones that I could think of could be attacked *much* more
efficiently with UDP equivalents (since you can spoof UDP 100% of them
time but TCP sequence number guessing only a small fraction of the time).

> 					der Mouse
> 			    mousecollatz.mcrcim.mcgill.edu

Next message: Timothy Newsham: "Re: preventing sequence number guessing"
Previous message: Timothy Newsham: "Re: Blind IP Spoofing Attacks."
In reply to: der Mouse: "Re: Blind IP Spoofing Attacks."
Next in thread: LaCoursiere J. D.: "Re: Blind IP Spoofing Attacks."