Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!unmvax!deimos.cis.ksu.edu!uxc!uxc.cso.uiuc.edu!m.cs.uiuc.edu!p.cs.uiuc.edu!zweig
From: zweig@p.cs.uiuc.edu
Newsgroups: comp.protocols.tcp-ip
Subject: Re: Sequence numbers provide security??
Message-ID: <93400019@p.cs.uiuc.edu>
Date: 10 May 89 04:28:00 GMT
References: <8905081540.AA07029@TIS.COM>
Lines: 21
Nf-ID: #R:<8905081540.AA07029@TIS.COM>:-28:p.cs.uiuc.edu:93400019:000:974
Nf-From: p.cs.uiuc.edu!zweig    May  9 23:28:00 1989


Since presumably if someone at node Foo is trying to impersonate someone from
node Bar in establishing a TCP connection with node Dog, the replies will all
actually be sent to Bar (and Foo may never see them), Foo needs to be able to 
guess the initial sequence number node Dog will issue in order to impersonate
Bar.

The article is talking about faking a TCP connection establishment handshake
when all you're able to do is send packets that look like they originated
elsewhere -- if you can intercept all packets destined for the person you
are impersonating, authentication becomes much trickier.


-Johnny Zweig
 University of Illinois at Urbana-Champaign
 Department of Computer Science
--------------------------------Disclaimer:------------------------------------
   Rule 1: Don't believe everything you read.
   Rule 2: Don't believe anything you read.
   Rule 3: There is no Rule 3.
-------------------------------------------------------------------------------