[742] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Router filtering not enough! (Was: Re: CERT advisory )

daemon@ATHENA.MIT.EDU (Rens Troost)
Tue Jan 24 17:50:58 1995

To: ddrew@mci.net, firewalls@GreatCircle.COM, bugtraq@fc.net, z056716@uprc.com
Cc: rens@lorax.imsi.com
In-Reply-To: Your message of "Tue, 24 Jan 1995 11:17:48 EST."
             <9501241617.AA07921@lorax.imsi.com> 
Reply-To: rens@imsi.com
Date: Tue, 24 Jan 1995 15:21:25 -0500
From: Rens Troost <rens@imsi.com>

>>>>> "Rens" == Rens Troost <rens@imsi.com> writes:

  Rens> This can be done with a routing redirect attack anywhere on
  Rens> the path between the telnet client and the skey login machine
  Rens> (firewall), and does not require IP spoofing.

What I meant was, does not require that it spoofing that can be
detected by router filters. It does require spoofing that the packets
are coming from the machine that originated the valid connection; let
my fingers get ahead of me. 

-Rens


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[742] in bugtraq

Re: Router filtering not enough! (Was: Re: CERT advisory )

daemon@ATHENA.MIT.EDU (Rens Troost)Tue Jan 24 17:50:58 1995

daemon@ATHENA.MIT.EDU (Rens Troost)
Tue Jan 24 17:50:58 1995