[1621] in linux-security and linux-alert archive
[linux-security] Re: C't Article on Juggernaut
daemon@ATHENA.MIT.EDU (route@resentment.infonexus.com)
Wed Sep 24 03:14:24 1997
From: route@resentment.infonexus.com
To: linux-security@redhat.com
Date: Tue, 23 Sep 1997 19:42:06 -0700 (PDT)
Cc: faust@ida.ljr.com.ocn.nl
In-Reply-To: <3427F507.4EEC1ABC@pobox.com> from "Bill Faust" at Sep 23, 97 09:57:43 am
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
[Bill Faust]
|
| There is a recent article in the German magazine C't that may be of
| interest to those on this list. It describes a cracker program,
s/cracker/hacker/
| Juggernaut, which can hijack telnet sessions. The program is written
Actually, it does alot more then just hijacking. Connection Spying,
connection reseting, automated connection reseting, packet sniffing,
packet assembly (albeit a crappy interface/ implementation. Use SNI's
CAPE).
| Since the program is widely circulated, everyone should at least be
| aware of the attack.
I certainly hope so. The Joncheray paper was published over 2 years
ago. For that matter, Juggernaut v1.0 was published in Phrack 50
(http://www.phrack.com) more then 5 months ago. As it happens, v1.x has
several areas of deficiency, prompting Juggernaut++ (which is still
WIP at this point). A bit more information can be gleaned from:
http://www.infonexus.com/~daemon9/project.html
--
I live a world of paradox... My willingness to destroy is your chance for
improvement, my hate is your fate -- my failure is your victory, a victory
that won't last.
--
----------------------------------------------------------------------
Please refere to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null