Question:
is the "guessable TCP sequence number process" a flaw in the randomization
of the ISN?
--- Robert Padjen <[EMAIL PROTECTED]> wrote:
> Slightly OT.
>
> Cisco is announcing a number of security holes in
> certain versions of the IOS, likely tomorrow. A number
> of them are starting to get exposure in the security
> press already, and ISPs have been briefed and should
> have patches and other temporary fixes in place
> already. Enterprise customers (some larger ones) were
> briefed today and have already taken steps to thwart
> attacks.
>
> The two biggest threats in my mind are:
>
> - A default SNMP RW string of ILMI.
> - A guessable TCP sequence number process - this could
> be used to hack BGP and other router processes.
>
> There are a number of others. Most of us will be same
> because the attacks need access - for example, you
> deny SNMP from the untrusted networks, right? Thus,
> ILMI is just another guess at the password/string. BGP
> should only accept packets from the neighbor, so
> again, a non-issue hopefully.
>
> The biggest reason for posting this here is for those
> studying security - the next few days should be very
> interesting to watch.
>
> =====
> Robert Padjen
>
> __________________________________________________
> Do You Yahoo!?
> Get email at your own domain with Yahoo! Mail.
> http://personal.mail.yahoo.com/
>
> _________________________________
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
