tcp,guardent,bellovin
Rafi Sadowsky
rafi-nanog at meron.openu.ac.il
Mon Mar 12 17:18:32 UTC 2001
Hi
Is there anything actually new in this exploit compared to the known TCP
hijacking vulnerabilities as portrayed say in Phrack 50(Juggernaut) ?
Thanks
Rafi
--
Rafi Sadowsky rafi at oumail.openu.ac.il
Network/System/Security VoiceMail: +972-3-646-0592 FAX: +972-3-646-0454
Mangler ( :-) | FIRST-REP for ILAN-CERT(CERT at CERT.AC.IL)
Open University of Israel | (PGP key -> ) http://telem.openu.ac.il/~rafi
On Mon, 12 Mar 2001, Steven M. Bellovin wrote:
>
> In message <87hf0z59qe.fsf at lackawana.kippona.com>, Chris Beggy writes:
> >
> >
> >tcp,guardent,bellovin are all mentioned in a WSJ article on DOS
> >and session hijacking, but I don't see anything on CERT yet.
> >
> >Any details? Any incidents using the exploit guardent has
> >identified?
>
> Not to my knowledge...
>
> The folks at Guardent are talking to CERT and to various vendors about
> the problem before releasing any details.
>
> --Steve Bellovin, http://www.research.att.com/~smb
>
>
>
>
More information about the NANOG
mailing list