Bugtraq mailing list archives
Re: Blind IP Spoofing Attacks.
From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Wed, 25 Jan 1995 09:14:40 -0500
They mention that NFS and Sun RPC in general are vulnerable to the sequence number attack.
This is only barely true. UDP-based services are not vulnerable to sequence number attacks because UDP doesn't have sequence numbers. To the extent that RPC services are provided over TCP, they are vulnerable to the sequence number attack. Of course, this is not to say that UDP services are secure. Anyone who can obtain file handles can fire unlink or write requests at your NFS server. (This is one reason why you may want to block port 2049 at your firewall, and either block port 111 as well and/or run a portmapper that doesn't do PMAPPROC_CALLIT.) der Mouse mouse () collatz mcrcim mcgill edu
Current thread:
- Blind IP Spoofing Attacks. Timothy Newsham (Jan 24)
- Re: Blind IP Spoofing Attacks. Perry E. Metzger (Jan 24)
- <Possible follow-ups>
- Re: Blind IP Spoofing Attacks. LaCoursiere J. D. (Jan 24)
- Re: Blind IP Spoofing Attacks. Casper Dik (Jan 25)
- Re: Blind IP Spoofing Attacks. Justin Mason (Jan 25)
- Re: Blind IP Spoofing Attacks. Timothy Newsham (Jan 25)
- Re: Blind IP Spoofing Attacks. der Mouse (Jan 25)
- Re: Blind IP Spoofing Attacks. Timothy Newsham (Jan 25)