Great Circle Associates Firewalls
(May 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: [fwd] RFC1948 on Sequence Number Attacks
From: Paul Ferguson <pferguso @ cisco . com>
Date: Fri, 17 May 1996 14:29:43 -0400
To: firewalls @ GreatCircle . com 
FYI.

- paul

[snip]

>To: IETF-Announce:;
>Subject: RFC1948 on Sequence Number Attacks
>Cc: rfc-ed @
 isi .
 edu
>Date: Fri, 17 May 96 10:08:00 PDT
>Sender: ietf-announce-request @
 IETF .
 CNRI .
 Reston .
 VA .
 US
>From: RFC Editor <rfc-ed @
 isi .
 edu>
>
>
>A new Request for Comments is now available in online RFC libraries.
>
>
>        RFC 1948:
>
>        Title:      Defending Against Sequence Number Attacks
>        Author:     S. Bellovin
>        Date:       May 1996
>        Mailbox:    smb @
 research .
 att .
 com
>        Pages:      6
>        Characters: 13,074
>        Updates/Obsoletes:  none
>
>        URL:        ftp://ds.internic.net/rfc/rfc1948.txt
>
>
>IP spoofing attacks based on sequence number spoofing have become a
>serious threat on the Internet (CERT Advisory CA-95:01).  While
>ubiquitous crypgraphic authentication is the right answer, we propose
>a simple modification to TCP implementations that should be a very
>substantial block to the current wave of attacks.
>
>This memo provides information for the Internet community.  This memo
>does not specify an Internet standard of any kind.  Distribution of
>this memo is unlimited.
>
>This announcement is sent to the IETF list and the RFC-DIST list.
>Requests to be added to or deleted from the IETF distribution list
>should be sent to IETF-REQUEST @
 CNRI .
 RESTON .
 VA .
 US .
   Requests to be
>added to or deleted from the RFC-DIST distribution list should
>be sent to RFC-DIST-REQUEST @
 ISI .
 EDU .
 
>
>Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
>an EMAIL message to rfc-info @
 ISI .
 EDU with the message body 
>help: ways_to_get_rfcs.  For example:
>
>        To: rfc-info @
 ISI .
 EDU
>        Subject: getting rfcs
>
>        help: ways_to_get_rfcs
>
>Requests for special distribution should be addressed to either the
>author of the RFC in question, or to admin @
 DS .
 INTERNIC .
 NET .
   Unless
>specifically noted otherwise on the RFC itself, all RFCs are for
>unlimited distribution.
>
>Submissions for Requests for Comments should be sent to
>RFC-EDITOR @
 ISI .
 EDU .
   Please consult RFC 1543, Instructions to RFC
>Authors, for further information.
>
>
>Joyce K. Reynolds
>USC/Information Sciences Institute
>
>...
>
>Below is the data which will enable a MIME compliant Mail Reader 
>implementation to automatically retrieve the ASCII version
>of the RFCs.
>Content-Type: text/plain
>Content-ID: <960517100606 .
 RFC @
 ISI .
 EDU>
>
>SEND /rfc/rfc1948.txt
>Content-Type: text/plain
>Content-ID: <960517100606 .
 RFC @
 ISI .
 EDU>

[snip]

--
Paul Ferguson                                           ||        ||
Consulting Engineering                                  ||        ||
Reston, Virginia   USA                                 ||||      ||||
tel: +1.703.716.9538                               ..:||||||:..:||||||:..
e-mail: pferguso @
 cisco .
 com                         c i s c o S y s t e m s
Indexed By Date Previous: Re: CyberTraveler Auction - Unsubscrive MoleKule's.
From: molecul1 @ molecule1 . com (Molecule One Scientific Research Institute)
Next: Comments on FBI Snooping
From: Mark_W_Loveless @ smtp . bnr . com
Indexed By Thread Previous: Re: CyberTraveler Auction - Unsubscrive MoleKule's.
From: molecul1 @ molecule1 . com (Molecule One Scientific Research Institute)
Next: Comments on FBI Snooping
From: Mark_W_Loveless @ smtp . bnr . com
Google
 
Search Internet Search www.greatcircle.com