[32795] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: A new TCP/IP blind data injection technique?

daemon@ATHENA.MIT.EDU (Kris Kennaway)
Thu Dec 11 12:24:46 2003

Date: Wed, 10 Dec 2003 15:59:33 -0800
From: Kris Kennaway <kris@FreeBSD.org>
To: Michal Zalewski <lcamtuf@ghettot.org>
Cc: bugtraq@securityfocus.com, full-disclosure@netsys.com
Message-ID: <20031210235933.GA32037@hub.freebsd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.LNX.4.58.0312110022340.8651@nimue.bos.bindview.com>

On Thu, Dec 11, 2003 at 12:28:28AM +0100, Michal Zalewski wrote:

>   2. Random IP ID numbers, a feature of some systems (OpenBSD?), although also
>      risky (increasing reassembly collission probability), make the attack
>      more difficult.

FreeBSD also has the option of randomizing the IP ID.

Kris


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[32795] in bugtraq

Re: A new TCP/IP blind data injection technique?

daemon@ATHENA.MIT.EDU (Kris Kennaway)Thu Dec 11 12:24:46 2003

daemon@ATHENA.MIT.EDU (Kris Kennaway)
Thu Dec 11 12:24:46 2003