On Tue, 24 Jan 1995, Jon E. Price wrote:
> In Steve Bellovin's explanation on how a break-in can occur, he uses a tcp
> sequence number guesser as part of the break-in.
> Why is a tcp sequence number guesser needed for the break-in?
> If a machine B is running rsh and trusts machine A, why can't machine X just
> rsh to machine B spoofing the ip packets with A's ip address?
This has already been mentioned in the last 12 hours.
B has to receive an acknowledgement of its SSN from A before it believes
it has a connection. Thus, A has to send the correct SSN ack to B.