Reported today on hnn: ( http://www.hackernews.com/ ) This vulnerability was found by NTA Monitor: ( http://www.nta-monitor.com/news/NT4-SP4.htm ) here's a quote: "25 August 1999 NTA Monitor Ltd have discovered a flaw (known as ?Predictable TCP Sequence Numbering?) in Microsoft NT 4 when used with Service Pack 4 (SP4), which means that it is vulnerable to a range of attacks known as ?IP spoofing?. Microsoft?s web site has referred to SP4 correcting a similar problem with NT4 SP3, but it is now apparent that although there has indeed been a change to the sequence numbering method used, the new method is no more secure than SP3." microsoft says: ( http://www.nta-monitor.com/news/NT4-SP4/MS-admit.htm ) "Sorry about the silence... Though the TCP sequence generation pattern changes made to TCPIP.SYS for SP4 are an improvement, I have been informed that this has been resolved in Windows 2000 and will be "back ported" to NT 4.0 in a future SP release. The issue remains open and is being worked on.... We are trying to get escalate this further and get it into the HOTFIX schedule and hope to make it available to xxx ASAP. Hope this helps... Thanks and Regards, Sunil Gopal, MCSE Technical Specialist/Systems Engineer mailto:[EMAIL PROTECTED]" The tcp sequence issue was supposedly fixed in sp3, but aparrently it was not. I wonder what else microsoft will "back port"? spiff - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
