North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
- From: Rafi Sadowsky
- Date: Mon Mar 12 12:25:16 2001
Is there anything actually new in this exploit compared to the known TCP
hijacking vulnerabilities as portrayed say in Phrack 50(Juggernaut) ?
Rafi Sadowsky firstname.lastname@example.org
Network/System/Security VoiceMail: +972-3-646-0592 FAX: +972-3-646-0454
Mangler ( :-) | FIRST-REP for ILAN-CERT(CERT@CERT.AC.IL)
Open University of Israel | (PGP key -> ) http://telem.openu.ac.il/~rafi
On Mon, 12 Mar 2001, Steven M. Bellovin wrote:
> In message <email@example.com>, Chris Beggy writes:
> >tcp,guardent,bellovin are all mentioned in a WSJ article on DOS
> >and session hijacking, but I don't see anything on CERT yet.
> >Any details? Any incidents using the exploit guardent has
> Not to my knowledge...
> The folks at Guardent are talking to CERT and to various vendors about
> the problem before releasing any details.
> --Steve Bellovin, http://www.research.att.com/~smb