Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: Re: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability"

Re: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability"

From: Tim Newsham <newsham_at_lava.net>
Date: Wed, 6 Feb 2008 07:48:10 -1000 (HST)

> Interestingly enough, OpenBSD uses a flavor of this PRNG for
> another field, this time the IP fragmentation ID, part of the
> OpenBSD kernel network stack. The analysis carries out quite
> similarly to show that OpenBSD's IP ID is predictable as well,
> which gives way to O/S fingerprinting, idle-scanning, host alias
> detection, traffic analysis, and in some cases, even to TCP blind
> data injection.

Can you expound upon the blind TCP injection allowed by IP ID
prediction?

> Amit Klein
> CTO Trusteer

Tim Newsham
http://www.thenewsh.com/~newsham/
Received on Feb 06 2008

This message: [ Message body ]
Next message: rPath Update Announcements: "rPSA-2008-0043-1 icu"
Previous message: Moritz Muehlenhoff: "[SECURITY] [DSA 1482-1] New squid packages fix denial of service"
In reply to: Amit Klein: "A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability""
Next in thread: Amit Klein: "RE: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability""

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]