Bugtraq mailing list archives
Re: NYT Article this morning
From: Valdis.Kletnieks () vt edu (Valdis.Kletnieks () vt edu)
Date: Tue, 24 Jan 1995 13:44:42 -0500
On Mon, 23 Jan 1995 20:46:20 EST, David Kovar said:
To fully fix the problem will require all the vendors to come out with kernel patches to make the TCP sequence numbering difficult to guess, then have all the admins apply those patches to all the machines on Internet, and then we will have solved the problem. (While we are at it, have admins install patches that stop get-root scripts also). Pretty simple and
quick to implement. <grin>I don't have access to the source for the appropriate modules, but it seems to me that this is a relatively simple change. What am I missing?
What you're missing is that making the change is trivial. Getting it deployed is another story. There are an estimated 2.5 million or so hosts on the Internet, many of them PC's, Macs, and various legacy systems dating back to the Stone Age. Many dont have software maintenance contracts, or are running release of software no longer supported. I dont' have kernel source for AIX 2.2.1 - it's going to be a REAL challenge for me to make the change for my two home systems, which IBM stopped supporting 5 years ago. Valdis Kletnieks Computer Systems Engineer Virginia Tech
Current thread:
- Re: NYT Article this morning der Mouse (Jan 23)
- <Possible follow-ups>
- Re: NYT Article this morning Perry E. Metzger (Jan 23)
- Re: NYT Article this morning Rick Busdiecker (Jan 24)
- Re: NYT Article this morning Perry E. Metzger (Jan 24)
- Re: NYT Article this morning Rick Busdiecker (Jan 24)
- Re: NYT Article this morning David Kovar (Jan 23)
- Re: NYT Article this morning Valdis.Kletnieks () vt edu (Jan 24)