[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble
- To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxx, full-disclosure-admin@xxxxxxxxxxxxxxxx, sullo@xxxxxxxx, vulnwatch@xxxxxxxxxxxxx
- Subject: Re: [Full-Disclosure] Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble
- From: Brent.Wolfram@xxxxxxx
- Date: Fri, 23 Apr 2004 06:29:59 -0700
Cisco presentation:
http://www.cansecwest.com/csw04/csw04-Ahlawat.ppt
It is affected, and they are making changes.
"Kurt Seifried" <listuser@xxxxxxxxxxxx>
Sent by: full-disclosure-admin@xxxxxxxxxxxxxxxx
04/22/2004 09:04 PM
Please respond to "Kurt Seifried"
To: <sullo@xxxxxxxx>, <vulnwatch@xxxxxxxxxxxxx>,
<bugtraq@xxxxxxxxxxxxxxxxx>,
<full-disclosure@xxxxxxxxxxxxxxxx>
cc:
Subject: [Full-Disclosure] Re: [VulnWatch] TCP Reset Attacks:
Paper and Code Now
Availble
Please note:
According to the Cisco presentation afterwards, Cisco's RST behavior makes
it non vulnerable as there is a wait period after a certain number of bad
RST packets are recieved. Thus Cisco IOS is basically not affected.
Kurt Seifried, kurt@xxxxxxxxxxxx
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html