[35547] in North American Network Operators' Group
Re: tcp,guardent,bellovin
daemon@ATHENA.MIT.EDU (Rafi Sadowsky)
Mon Mar 12 22:14:36 2001
Date: Tue, 13 Mar 2001 05:12:28 +0200 (IST)
From: Rafi Sadowsky <rafi-nanog@meron.openu.ac.il>
Reply-To: <nanog@merit.edu>
To: "Steven M. Bellovin" <smb@research.att.com>
Cc: <nanog@merit.edu>
In-Reply-To: <20010312172914.2266535C42@berkshire.research.att.com>
Message-ID: <Pine.GSO.4.31.0103130508560.9269-100000@meron.openu.ac.il>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, 12 Mar 2001, Steven M. Bellovin wrote:
>
> In message <Pine.GSO.4.31.0103121911520.9269-100000@meron.openu.ac.il>, Rafi Sa
> dowsky writes:
> >
> > Hi
> >
> > Is there anything actually new in this exploit compared to the known TCP
> >hijacking vulnerabilities as portrayed say in Phrack 50(Juggernaut) ?
>
> Juggernaut requires eavesdropping; this one doesn't.
No eavesdropping at all ? how can a TCP connection be hijacked if you're
not on the connection path?
(Or capable of diverting the connection past you -
breaking routers/source_routing/<whatever>.... )
>
> --Steve Bellovin, http://www.research.att.com/~smb
>
Thanks
Rafi
>
>
