Re: (PM) Re: Livingston Portmaster - ISN generation is loosy! (sic)

David Denney (daud@dimensional.com)
Wed, 1 Jul 1998 11:29:46 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: John Storms: "Re: (PM) Re: Livingston Portmaster - ISN generation is loosy!"
Previous message: System Administration Staff: "Re: (PM) IP address duplication?"

On Tue, Jun 30, 1998 at 01:39:57PM -0500, Todd R. Eigenschink wrote:
> Making some hacks with Initial Sequence Numbers (ISN), i found something
> really strange on Livingston Portmasters routers (running ComOS). It seems
> that the ISN is always 127 :o
>
> This is really annoying, because this is really a big security hole (think
> about IP-Blind Spoofing), and more formally, it do not comply with RFC793.

Is Livingston going to address this major security problem
with an interim release, or is it going to be the same old
"ready when it's ready" crap??

-- David Denney protect your freedom (while you still can) daud@pagan.net visit www.crypto.com and www.eff.org now http://www.pagan.net/~daud/ finger me for PGP key, and use it!

... they can have my ssh when they pry the keyboard out of my cold, dead hands! - To unsubscribe, email 'majordomo@livingston.com' with 'unsubscribe portmaster-users' in the body of the message. Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>

Next message: John Storms: "Re: (PM) Re: Livingston Portmaster - ISN generation is loosy!"
Previous message: System Administration Staff: "Re: (PM) IP address duplication?"