|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability"
From: Tim Newsham (newsham
lava.net)
Date: Wed Feb 06 2008 - 11:48:10 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> Interestingly enough, OpenBSD uses a flavor of this PRNG for
> another field, this time the IP fragmentation ID, part of the
> OpenBSD kernel network stack. The analysis carries out quite
> similarly to show that OpenBSD's IP ID is predictable as well,
> which gives way to O/S fingerprinting, idle-scanning, host alias
> detection, traffic analysis, and in some cases, even to TCP blind
> data injection.
Can you expound upon the blind TCP injection allowed by IP ID
prediction?
> Amit Klein
> CTO Trusteer
Tim Newsham
http://www.thenewsh.com/~newsham/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]