| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 26 Oct 2007 18:03:27 +0400 From: 3APA3A <3APA3A@...URITY.NNOV.RU> To: Valdis.Kletnieks@...edu Cc: Oliver <olivereatsolives@...il.com>, full-disclosure@...ts.grok.org.uk Subject: Re: TCP Hijacking (aka Man-in-the-Middle) Dear Valdis.Kletnieks@...edu, VKve> Thank you, Captain Obvious - I specifically *said* that only one of them VKve> needs to be blind spoofing. There is a difference between "you needn't" and "you can't" and "you won't". You say you needn't spoof another one. I say you won't and you can't. VKve> And Michael Zalewski's work showed that even on many boxes that *claim* VKve> to have RFC1948 randomization, you can do pretty well on the predicting. I afraid you misunderstanding or misinterpreting results of Michael Zalewski's work (which is, by the way, last real "hack" in the initial meaning of this word in the field of computer security). In most cases, you have good probability to guess SN after some number of guesses. E.g. for Windows NT 4 you have 100% probability after 5000 guesses. There is no OS with 100% or even 50% probablity after 1 guess. And you have to remember, that result of the guess is not known to you immediately, because you are spoofing blindly. -- ~/ZARAZA http://securityvulns.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists