List: quagga-users
Subject: [quagga-users 1759] Re: FW: US-CERT Technical Cyber Security Alert
From: Mike Tancsa <mike () sentex ! net>
Date: 2004-04-21 14:10:14
Message-ID: 6.0.3.0.0.20040421100358.062e1ab8 () 209 ! 112 ! 4 ! 2
OpenBSD (and soon FreeBSD) will use ephemeral port allocation randomization
which will make it vastly more difficult to guess the source port. Also if
the OS generates decent ISNs this helps a lot as well.

Bottom line is that yes this is an issue to be aware of but then again
there are easier ways to take a router off line or to make it bounce
connections. I mean why go to all this trouble, when a few dozen bots can
blast a router off line? Even a higher end device will have problems
dealing with a 10Kpps blasted at it. (Note, blasted at it, not through it)

---Mike

At 06:53 AM 21/04/2004, Paul Jakma wrote:
>On Tue, 20 Apr 2004, Peter Mueller wrote:
>
> > Is Quagga vulnerable? Or is this an o/s dependent issue?
>
>Everything is vulnerable, the vulnerability increases with window
>sizes, a problem given the ever larger window sizes (linux defaults
>to 65k these days no?), see also:
>
> http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt
>
>Use IPSec (preferably) to secure long-lived connections.
>
> > Thanks much,
> >
> > P
>
>regards,
>--
>Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A
> warning: do not ever send email to spam@dishone.st
>Fortune:
>I have a rock garden. Last week three of them died.
> -- Richard Diran
>_______________________________________________
>Quagga-users mailing list
>Quagga-users@lists.quagga.net
>http://lists.quagga.net/mailman/listinfo/quagga-users