Re: TCP/BGP vulnerability - easier than you think

[Iljitsch van Beijnum <iljitsch () muada com>]

On 23-apr-04, at 12:03, Florian Weimer wrote:

> > BTW, anyone seen anything supporting Paul Watson's claim that all it
> > takes to break a session is four packets?

> Where does he claim that?

In several news stories, such as  
http://www.wired.com/news/technology/0,1282,63143,00.html? 
tw=wn_tophead_2

> I've browsed his paper and the packet numbers he gives are higher.

Do you have a link? I haven't been able to find it so far.

> Either this issue has been wildly exaggerated, or Paul Watson's paper
> is not the whole story.

Yes. I've never been one for conspiracy theories but now I'm tempted to  
become a believer... ("That whole SMNP vulnerability thing was just a  
trick to get us to install fixed IOSes before the real story gets  
out.")

> > I assume he's talking about this vulnerability that was fixed in
> > FreeBSD in 1998: http://ciac.llnl.gov/ciac/bulletins/j-008.shtml

> > I certainly hope our collective favorite vendors didn't overlook
> > this one.

> Maybe they have fixed it now?  This would explain most of the frenzy.

I guess we have to wait a bit longer to find out.