nanog mailing list archives

Re: tcp,guardent,bellovin

From: Rafi Sadowsky <rafi-nanog () meron openu ac il>
Date: Tue, 13 Mar 2001 05:12:28 +0200 (IST)



On Mon, 12 Mar 2001, Steven M. Bellovin wrote:


In message <Pine.GSO.4.31.0103121911520.9269-100000 () meron openu ac il>, Rafi Sa
dowsky writes:


Hi

Is there anything actually new in this exploit compared to the known TCP
hijacking vulnerabilities as portrayed say in Phrack 50(Juggernaut) ?


Juggernaut requires eavesdropping; this one doesn't.


 No eavesdropping at all ? how can a TCP connection be hijacked if you're
not on the connection path?
(Or capable of diverting the connection past you -
 breaking routers/source_routing/<whatever>.... )


              --Steve Bellovin, http://www.research.att.com/~smb

Thanks
        Rafi

Current thread:

tcp,guardent,bellovin Chris Beggy (Mar 12)
- <Possible follow-ups>
- Re: tcp,guardent,bellovin Steven M. Bellovin (Mar 12)
  - Re: tcp,guardent,bellovin Rafi Sadowsky (Mar 12)
  - Re: tcp,guardent,bellovin bert hubert (Mar 12)
  - Re: tcp,guardent,bellovin Scott Francis (Mar 12)
- Re: tcp,guardent,bellovin Steven M. Bellovin (Mar 12)
  - Re: tcp,guardent,bellovin Rafi Sadowsky (Mar 12)
    - Re: tcp,guardent,bellovin Jim Duncan (Mar 12)
- Re: tcp,guardent,bellovin Richard A. Steenbergen (Mar 12)
  - Re: tcp,guardent,bellovin bert hubert (Mar 12)
  - Re: tcp,guardent,bellovin Valdis . Kletnieks (Mar 12)
- Re: tcp,guardent,bellovin Steven M. Bellovin (Mar 12)