[35529] in North American Network Operators' Group
Re: tcp,guardent,bellovin
daemon@ATHENA.MIT.EDU (Rafi Sadowsky)
Mon Mar 12 12:22:52 2001
Date: Mon, 12 Mar 2001 19:18:32 +0200 (IST)
From: Rafi Sadowsky <rafi-nanog@meron.openu.ac.il>
Reply-To: <nanog@merit.edu>
To: "Steven M. Bellovin" <smb@research.att.com>
Cc: Chris Beggy <chrisb@kippona.com>, <nanog@merit.edu>
In-Reply-To: <20010312145008.4E65335C42@berkshire.research.att.com>
Message-ID: <Pine.GSO.4.31.0103121911520.9269-100000@meron.openu.ac.il>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
Hi
Is there anything actually new in this exploit compared to the known TCP
hijacking vulnerabilities as portrayed say in Phrack 50(Juggernaut) ?
Thanks
Rafi
--
Rafi Sadowsky rafi@oumail.openu.ac.il
Network/System/Security VoiceMail: +972-3-646-0592 FAX: +972-3-646-0454
Mangler ( :-) | FIRST-REP for ILAN-CERT(CERT@CERT.AC.IL)
Open University of Israel | (PGP key -> ) http://telem.openu.ac.il/~rafi
On Mon, 12 Mar 2001, Steven M. Bellovin wrote:
>
> In message <87hf0z59qe.fsf@lackawana.kippona.com>, Chris Beggy writes:
> >
> >
> >tcp,guardent,bellovin are all mentioned in a WSJ article on DOS
> >and session hijacking, but I don't see anything on CERT yet.
> >
> >Any details? Any incidents using the exploit guardent has
> >identified?
>
> Not to my knowledge...
>
> The folks at Guardent are talking to CERT and to various vendors about
> the problem before releasing any details.
>
> --Steve Bellovin, http://www.research.att.com/~smb
>
>
>
>
