[772] in bugtraq
Re: Blind IP Spoofing Attacks.
daemon@ATHENA.MIT.EDU (Timothy Newsham)
Wed Jan 25 17:35:50 1995
From: newsham@aloha.net (Timothy Newsham)
To: mouse@Collatz.McRCIM.McGill.EDU (der Mouse)
Date: Wed, 25 Jan 1995 10:01:06 -1000 (HST)
Cc: newsham@aloha.net, bugtraq@fc.net
In-Reply-To: <199501251414.JAA15183@Collatz.McRCIM.McGill.EDU> from "der Mouse" at Jan 25, 95 09:14:40 am
> sequence number attacks because UDP doesn't have sequence numbers. To
> the extent that RPC services are provided over TCP, they are vulnerable
> to the sequence number attack.
But what TCP RPC services could you exploit without seeing return traffic?
The only ones that I could think of could be attacked *much* more
efficiently with UDP equivalents (since you can spoof UDP 100% of them
time but TCP sequence number guessing only a small fraction of the time).
> der Mouse
> mouse@collatz.mcrcim.mcgill.edu
