[91336] in North American Network Operators' Group


Re: Consumers of Broadband Providers (ISP) may be open to hijack

daemon@ATHENA.MIT.EDU (Gadi Evron)
Wed Jul 19 06:49:51 2006

Date: Wed, 19 Jul 2006 05:49:25 -0500 (CDT)
From: Gadi Evron <ge@linuxbox.org>
To: Per Heldal <heldal@eml.cc>
Cc: NANOG <nanog@merit.edu>
In-Reply-To: <1153297689.7004.266366087@webmail.messagingengine.com>
Errors-To: owner-nanog@merit.edu


On Wed, 19 Jul 2006, Per Heldal wrote:
> What's new here?

When I see a NANOG-related issue once in a while on bugtraq, I forward it.

	Gadi.

> 
> Attack-vectors for session-hijacking have been thoroughly discussed
> elsewhere, so there's no reason to repeat that here. But ....
> 
> On Wed, 19 Jul 2006 02:02:20 -0500 (CDT), "Gadi Evron" <ge@linuxbox.org>
> said:
> [snip]
> > >Description:
> > 	Some ISP networks do not reset open TCP connections of customers that
> > were either cut off by the ISP or cut off by self-initiation.  While it
> > is the responsibility of every person to terminate every open connection before
> > link termination, when the ISP initiates this, it cannot be guaranteed. 
> 
> You've got far more serious problems than session hijacking to worry
> about if your network permits an attacker to monitor who/when/where
> people are disconnected or to kick users off the network at will as
> would be required to succeed.
> 
> 
> 
> Besides, to what extent do broadband networks:
> 
> - permit users to choose their own address?
> 
> - immediately reuse an address for another user (unless the pool is
> exhausted)?
> 
> 
>  //Per
> -- 
>   Per Heldal
>   http://heldal.eml.cc/
> 

