Consumers of Broadband Providers (ISP) may be open to hijack attacks (fwd)
ge at linuxbox.org
Wed Jul 19 10:49:25 UTC 2006
On Wed, 19 Jul 2006, Per Heldal wrote:
> What's new here?
When I see a NANOG related issue once in a while on bugtraq, I forward it.
> Attack-vectors for session-hijacking has been thoroughly discussed
> elsewhere, so there's no reason to repeat that here. But ....
> On Wed, 19 Jul 2006 02:02:20 -0500 (CDT), "Gadi Evron" <ge at linuxbox.org>
> > >Description:
> > Some ISP networks do not reset open TCP connections of customers that
> > were either cut-off by the ISP or cut off by self-initiation. While it
> > is
> > responsibility of every person to terminate every open connection before
> > link termination, when the ISP initiates this, it cannot be guaranteed.
> You've got far more serious problems than session hijacking to worry
> about if your network permit an attacker to monitor who/when/where
> people are disconnected or to kick users off the network at will as
> would be required to succeed.
> Besides, to which extent do broadband networks:
> - permit users to choose their own address?
> - immediately reuse an address for an other user (unless the pool is
> Per Heldal
More information about the NANOG