Bugtraq mailing list archives
Re: Router filtering not enough! (Was: Re: CERT advisory )
From: cwe () it kth se (Christian Wettergren)
Date: Tue, 24 Jan 95 21:25:12 +0100
| > TCP Sequence Numbering attacks are based on the ability of knowing a | > sessions initial sequence number (ISN); a "random" number incremented | > every X (time... | | Not necessarily....If you can see the traffic go by on the net, you | have the sequence numbers and can go right ahead and hijack the | session in-progress. | | This can be done with a routing redirect attack anywhere on the path | between the telnet client and the skey login machine (firewall), and | does not require IP spoofing. | | The filtering router techniques that are being discussed will NOT | provide 100% protection against this sort of attack. If you really | need to be absolutely safe from this kind of attack, you must not run | skey or any other unencrypted interactive login at all. | Application-level encryption can substantially decrese the risk | of intrusion in this case, reducing the attack to a denial of service | (you lose your connection.) Gauge your own risk. At least they have to go for the end-points, and either attack the application or try to get at the keys. Of course one should not use an unsecure external endpoint either. (One could also argue that even if one uses encrypting-IP, many cryptoanalytical attacks might be possible. But that due to become a problem after five years, so lets assume it wont be one! :-)) /Christian Wettergren, cwe () it kth se
Current thread:
- Router filtering not enough! (Was: Re: CERT advisory ) Rens Troost (Jan 24)
- Sequence number spoofing, SunOS der Mouse (Jan 24)
- Re: Router filtering not enough! (Was: Re: CERT advisory ) Rens Troost (Jan 24)
- Re: Router filtering not enough! (Was: Re: CERT advisory ) Christian Wettergren (Jan 24)
- Re: Router filtering not enough! (Was: Re: CERT advisory ) Jim Duncan (Jan 24)