Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: tcp,guardent,bellovin

  • From: Rafi Sadowsky
  • Date: Mon Mar 12 12:25:16 2001


 Hi

 Is there anything actually new in this exploit compared to the known TCP
hijacking vulnerabilities as portrayed say in Phrack 50(Juggernaut) ?

Thanks
	Rafi

-- 
Rafi Sadowsky                                   rafi@oumail.openu.ac.il
Network/System/Security  VoiceMail: +972-3-646-0592   FAX: +972-3-646-0454
       Mangler ( :-)      |  FIRST-REP for ILAN-CERT(CERT@CERT.AC.IL)
Open University of Israel |  (PGP key -> )  http://telem.openu.ac.il/~rafi

On Mon, 12 Mar 2001, Steven M. Bellovin wrote:

>
> In message <87hf0z59qe.fsf@lackawana.kippona.com>, Chris Beggy writes:
> >
> >
> >tcp,guardent,bellovin are all mentioned in a WSJ article on DOS
> >and session hijacking, but I don't see anything on CERT yet.
> >
> >Any details? Any incidents using the exploit guardent has
> >identified?
>
> Not to my knowledge...
>
> The folks at Guardent are talking to CERT and to various vendors about
> the problem before releasing any details.
>
> 		--Steve Bellovin, http://www.research.att.com/~smb
>
>
>
>






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.