Dear [EMAIL PROTECTED],
VKve> Thank you, Captain Obvious - I specifically *said* that only one of them VKve> needs to be blind spoofing. There is a difference between "you needn't" and "you can't" and "you won't". You say you needn't spoof another one. I say you won't and you can't. VKve> And Michael Zalewski's work showed that even on many boxes that *claim* VKve> to have RFC1948 randomization, you can do pretty well on the predicting. I afraid you misunderstanding or misinterpreting results of Michael Zalewski's work (which is, by the way, last real "hack" in the initial meaning of this word in the field of computer security). In most cases, you have good probability to guess SN after some number of guesses. E.g. for Windows NT 4 you have 100% probability after 5000 guesses. There is no OS with 100% or even 50% probablity after 1 guess. And you have to remember, that result of the guess is not known to you immediately, because you are spoofing blindly. -- ~/ZARAZA http://securityvulns.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/