Consumers of Broadband Providers (ISP) may be open to hijack attacks (fwd)

Gadi Evron ge at linuxbox.org
Wed Jul 19 10:49:25 UTC 2006


On Wed, 19 Jul 2006, Per Heldal wrote:
> What's new here?

When I see a NANOG-related issue once in a while on bugtraq, I forward it.

	Gadi.

> 
> Attack-vectors for session-hijacking have been thoroughly discussed
> elsewhere, so there's no reason to repeat that here. But ....
> 
> On Wed, 19 Jul 2006 02:02:20 -0500 (CDT), "Gadi Evron" <ge at linuxbox.org>
> said:
> [snip]
> > >Description:
> > 	Some ISP networks do not reset open TCP connections of customers that
> > were either cut off by the ISP or cut off by self-initiation.  While it
> > is the responsibility of every person to terminate every open connection
> > before link termination, when the ISP initiates this, it cannot be guaranteed.
> 
> You've got far more serious problems than session hijacking to worry
> about if your network permits an attacker to monitor who/when/where
> people are disconnected or to kick users off the network at will as
> would be required to succeed.
> 
> 
> 
> Besides, to which extent do broadband networks:
> 
> - permit users to choose their own address?
> 
> - immediately reuse an address for another user (unless the pool is
> exhausted)?
> 
> 
>  //Per
> -- 
>   Per Heldal
>   http://heldal.eml.cc/
> 



