On Thu, 2004-04-22 at 10:37, alex@xxxxxxxxxxxx wrote:
> On 22 Apr 2004, jamal wrote:
> > Its infact harder to create this attack compared to a simple
> > SYN attack.
> Not quite.
I meant a SYN Flood attack is a much trivial attack than this
but the media may have gotten used to it by now.
> > Unless i misunderstood: You need someone/thing to see about 64K packets
> > within a single flow to make the predicition so the attack is succesful.
> > Sure to have access to such capability is to be in a hostile path, no?
> > ;->
> No, you do not need to see any packet.
>
Ok, so i misunderstood then. How do you predict the sequences without
seeing any packet?
Is there any URL to mentioned paper?
> Inter-provider BGP is long-lived with close to fixed ports, which is why
> it has caused quite a stir.
Makes sense. What would be the overall effect though? Route flaps?
> Nevertheless, number of packets to kill the session is still *large*
> (under "best-case" for attacker, you need to send 2^30 packets)...
;->
cheers,
jamal
|