[Full-disclosure] TCP Hijacking (aka Man-in-the-Middle)
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Fri Oct 26 20:30:37 BST 2007
On Fri, 26 Oct 2007 18:03:27 +0400, 3APA3A said:
> I afraid you misunderstanding or misinterpreting results of Michael
> Zalewski's work (which is, by the way, last real "hack" in the initial
> meaning of this word in the field of computer security). In most cases,
> you have good probability to guess SN after some number of guesses. E.g.
> for Windows NT 4 you have 100% probability after 5000 guesses. There is
> no OS with 100% or even 50% probablity after 1 guess. And you have to
> remember, that result of the guess is not known to you immediately,
> because you are spoofing blindly.
I'm fully aware of that. How is that any different than the *many* exploits
we've seen that have to launch the attack a number of times with different
offsets because the "right" one can't be predicted?
Not every exploit triggers 100% the first time. Deal with it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20071026/a6bfcf14/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.