On Fri, 25 Jun 2010 14:49:00 EDT, musnt live said:
> TCP is called Transmission Control Protocol and it can be with easily
> testing spoofed.
Only if the vendor is Doing It Very Wrong.
RFC1948 Defending Against Sequence Number Attacks. S. Bellovin. May 1996.
(Format: TXT=13074 bytes) (Status: INFORMATIONAL)
A few years later, Michal Zalewski wrote a paper about it:
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.96.9652&rep=rep1&type=pdf
And a year after that, a follow up:
http://www.packetstormsecurity.org/papers/protocols/newtcp.htm
The problem was known for a long time before that:
R.T. Morris, "A Weakness in the 4.2BSD UNIX TCP/IP Software",
CSTR 117, 1985, AT&T Bell Laboratories, Murray Hill, NJ.
http://pdos.csail.mit.edu/~rtm/papers/117-abstract.html
Any vendor still botching it in 2010 deserves to be mocked mercilessly.
Attachment:
pgpOru1DoFQqA.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/