[63458] in North American Network Operators' Group
Re: Kiss-o'-death packets?
daemon@ATHENA.MIT.EDU (Peter Galbavy)
Mon Oct 6 07:46:39 2003
From: "Peter Galbavy" <peter.galbavy@knowtion.net>
To: "Sean Donelan" <sean@donelan.com>
Cc: <Valdis.Kletnieks@vt.edu>, <nanog@merit.edu>
Date: Mon, 6 Oct 2003 11:45:11 +0100
Errors-To: owner-nanog-outgoing@merit.edu
Sean Donelan wrote:
> Uhm, you are also aware that if the attacker can spoof the
> kiss-o'-death packets; the same attacker could spoof all sorts of
> other packets including the time protocol packets to change the clock
> on your computer.
"Yes but"... there is a strong likelyhood that less paranoid protocol
implementors (not necessarily designers, just those coding stuff from spec)
could simplify their lives and not check all the right conditions required
to filter unwanted stuff. Bye bye farm.
Oh, this has happened already ? Now, where is that "Windows Update" icon
again ...
Peter
