Re: A new TCP/IP blind data injection technique?

To: Michal Zalewski <lcamtuf@xxxxxxxxxxx>
Subject: Re: A new TCP/IP blind data injection technique?
From: Kris Kennaway <kris@xxxxxxxxxxx>
Date: Wed, 10 Dec 2003 15:59:33 -0800
Cc: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxx
In-reply-to: <Pine.LNX.4.58.0312110022340.8651@xxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <Pine.LNX.4.58.0312110022340.8651@xxxxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.4.1i

On Thu, Dec 11, 2003 at 12:28:28AM +0100, Michal Zalewski wrote:

>   2. Random IP ID numbers, a feature of some systems (OpenBSD?), although also
>      risky (increasing reassembly collission probability), make the attack
>      more difficult.

FreeBSD also has the option of randomizing the IP ID.

Kris

Follow-Ups:
- Re: A new TCP/IP blind data injection technique?
  - From: Casper Dik

References:
- A new TCP/IP blind data injection technique?
  - From: Michal Zalewski

Prev by Date: Re: A new TCP/IP blind data injection technique?
Next by Date: A .NET class bug that can hang a machine instantly
Previous by thread: Breaking the checksum (a new TCP/IP blind data injection technique)
Next by thread: Re: A new TCP/IP blind data injection technique?
Index(es):
- Date
- Thread