On Tue, 20 Apr 2004, Richard A Steenbergen wrote: > Anyone who seriously wanted to protect against this attack could easily > deploy RST rate limits against their management interfaces, rather than > run around trying to set up MD5 with every peer. As a long term > improvement, a random ephemeral port selection process could be used.
Insufficient to completely protect against the identified vulnerabilities. Please continue reading.