[14304] in bugtraq
Re: Advisory Update: ServerIron TCP/IP predictability fixed
daemon@ATHENA.MIT.EDU (H D Moore)
Thu Mar 16 21:19:24 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <38CEF25D.518B1625@secureaustin.com>
Date: Tue, 14 Mar 2000 20:15:57 -0600
Reply-To: H D Moore <hdm@SECUREAUSTIN.COM>
From: H D Moore <hdm@SECUREAUSTIN.COM>
X-To: ajv@greebo.net
To: BUGTRAQ@SECURITYFOCUS.COM
Hi,
BeOS 4.0 also has a shoddy tcp/ip stack which increases the ISS by 1 per
connection. This may have been fixed by now, I haven't tested it in over a
year.
-HD
Andrew van der Stock wrote:
> The ISS is incremented by 1 for each connection, and is thus easily
> spoofable and hijackable. The predictability exposes sideband information
> about when the switch is being used by other (possibly legitimate) users.
>
> The hosts behind the switch are NOT affected by this issue. The faked IP
> addresses offer the predictability of the hosted platform (ie Linux 2.2.14
> == good luck!, Win9x == trivial joke).
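
The following is an added example and is not part of either post. It contrasts the per-connection +1 ISS scheme described in the thread with RFC 6528-style generation, and adds a check an auditor can run over ISNs sampled from their own device. The function names, addresses, secret and sample values are all constructed for illustration, and HMAC-SHA256 is an assumed choice for the RFC's hash function F.

```python
import hashlib
import hmac
import struct

MOD = 2**32  # TCP sequence numbers are 32-bit and wrap


def counter_isn(state):
    """Weak scheme from the thread: ISS goes up by 1 per connection."""
    state["iss"] = (state["iss"] + 1) % MOD
    return state["iss"]


def rfc6528_isn(secret, laddr, lport, raddr, rport, now_us):
    """RFC 6528: ISN = M + F(4-tuple, secret), M being a 4-microsecond timer."""
    m = (now_us // 4) % MOD
    four_tuple = f"{laddr}:{lport}>{raddr}:{rport}".encode()
    # Assumption: HMAC-SHA256 truncated to 32 bits stands in for F.
    digest = hmac.new(secret, four_tuple, hashlib.sha256).digest()
    f = struct.unpack(">I", digest[:4])[0]
    return (m + f) % MOD


def classify(isns):
    """Label a run of ISNs sampled from successive connections to one device."""
    if len(isns) < 3:
        raise ValueError("need at least 3 samples (2 deltas) to judge")
    deltas = {(b - a) % MOD for a, b in zip(isns, isns[1:])}
    return "constant-increment" if len(deltas) == 1 else "varying"


def demo():
    # Constructed samples: six connections from six client ports.
    state = {"iss": MOD - 3}  # start near the wrap to exercise modular deltas
    weak = [counter_isn(state) for _ in range(6)]
    secret = b"constructed-demo-secret"  # a real stack uses a random boot-time key
    strong = [
        rfc6528_isn(secret, "192.0.2.1", 80, "198.51.100.7", 40000 + i, 1_000_000 + 250 * i)
        for i in range(6)
    ]
    return classify(weak), classify(strong)


if __name__ == "__main__":
    print(demo())
```

A "varying" result only rules out a fixed step; it does not by itself show the ISNs are unpredictable.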