Educause Security Discussion mailing list archives

Re: Fwd: [VulnWatch] TCP reset vulnerability


From: Steve Worona <sworona () EDUCAUSE EDU>
Date: Tue, 20 Apr 2004 15:09:56 -0400

I felt the same way, and then I read this part of the report:

Although denial of service using crafted TCP packets is a well known weakness of TCP, until recently it was believed that a successful denial of service attack was not achievable in practice. ...

The discoverer of the practicability of the RST attack was Paul A. Watson, who describes his research in his paper "Slipping In The Window: TCP Reset Attacks", presented at the CanSecWest 2004 conference. He noticed that the probability of guessing an acceptable sequence number is much higher than 1/2**32 because the receiving TCP implementation will accept any sequence number in a certain range (or "window") of the expected sequence number. The window makes TCP reset attacks practicable.

So is this a relevant new discovery?  Or old news?

Steve
-----
At 1:25 PM -0500 4/20/04, Gene Spafford wrote:
Gosh, I keep feeling deja vu all over again. :-)    This was a
problem that was extensively discussed about 5 or 6 years ago....
Why is it rearing its head again?   Why do we keep seeing the same
problems again and again and again......?

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
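
The window rule quoted from the report, seen from the receiver's side, as an added example (not code from the report or from either poster). It compares the classic in-window acceptance of a RST with the exact-match rule later specified in RFC 5961; the window sizes and sequence numbers are constructed, and the function names are hypothetical.

```python
SEQ_SPACE = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around


def in_window(seq, rcv_nxt, rcv_wnd):
    """Classic check: RCV.NXT <= SEQ < RCV.NXT + RCV.WND, modulo 2**32."""
    offset = (seq - rcv_nxt) % SEQ_SPACE
    if rcv_wnd == 0:
        return offset == 0  # zero window: only RCV.NXT itself is acceptable
    return offset < rcv_wnd


def rst_disposition(seq, rcv_nxt, rcv_wnd, strict):
    """What the receiver does with a RST carrying sequence number `seq`.

    strict=False: any in-window RST resets the connection.
    strict=True:  RFC 5961 style; only SEQ == RCV.NXT resets, other
                  in-window values get a challenge ACK instead.
    """
    if not in_window(seq, rcv_nxt, rcv_wnd):
        return "drop"
    if strict and (seq - rcv_nxt) % SEQ_SPACE != 0:
        return "challenge-ack"
    return "reset"


def acceptance_probability(rcv_wnd, strict=False):
    """Chance that one uniformly random sequence number causes a reset."""
    acceptable = 1 if strict else max(rcv_wnd, 1)
    return acceptable / SEQ_SPACE


if __name__ == "__main__":
    # Constructed values: a connection whose RCV.NXT sits just below wraparound.
    rcv_nxt = 0xFFFFF000
    for wnd in (8192, 16384, 65535):
        p = acceptance_probability(wnd)
        print(f"window {wnd:>5}: P(accept) = {p:.3e} ({wnd}x the 1/2**32 figure)")
    print("strict     : P(accept) =", f"{acceptance_probability(65535, strict=True):.3e}")
    for seq in (0xFFFFF000, 0x00000100, 0x80000000):
        print(hex(seq),
              rst_disposition(seq, rcv_nxt, 65535, strict=False),
              rst_disposition(seq, rcv_nxt, 65535, strict=True))
```

Under the classic rule the acceptance probability scales linearly with the advertised window, which is why long-lived sessions with large windows were the main concern.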
