Assuming that he do not know port number and must try 20 - 40 ports, it
takes 200 * 10 = 2000 seconds to resert a single session... Useless except a
very special cases 9such as a big community decided to knock down SCO, for
example).
At 05:09 PM 20/04/2004, Richard A Steenbergen wrote:
On Tue, Apr 20, 2004 at 10:36:48AM -0700, Grant A. Kirkwood wrote:
Since no one's mentioned it yet, apparently there was a change in plans.
It was just released a day early.
http://story.news.yahoo.com/news?tmpl=storycid=528e=1u=/ap/20040420/ap_on_hi_te/internet_threat
And the official
On Tue, 20 Apr 2004, Richard A Steenbergen wrote:
Anyone who seriously wanted to protect against this attack could easily
deploy RST rate limits against their management interfaces, rather than
run around trying to set up MD5 with every peer. As a long term
improvement, a random ephemeral
At 05:09 PM 20/04/2004, Richard A Steenbergen wrote:
party to know which side won the collision handling. Therefore you need
262144 packets * 3976 ephemeral ports (assuming both sides are jnpr, again
worst case) * 2 (to figure out who was the connecter and who was the
accepter) = 2084569088
On Apr 20, 2004, at 9:23 PM, Mike Tancsa wrote:
At 05:09 PM 20/04/2004, Richard A Steenbergen wrote:
party to know which side won the collision handling. Therefore you
need
262144 packets * 3976 ephemeral ports (assuming both sides are jnpr,
again
worst case) * 2 (to figure out who was the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2004-04-20, at 23.09, Richard A Steenbergen wrote:
but the massive amount of confusion,
rumor, and worry which the major router vendors (Cisco and Juniper)
created by essentially rediscovering the god damn spec and then telling
only their