In response to Oliver Fromme <[EMAIL PROTECTED]>: > Pierre Riteau wrote: > > > Because the 3-way handshake ensures that the source address is not > being > > spoofed, more aggressive action can be taken based on these limits. > > s/not being spoofed/more difficult to spoofe/ ;-)
On a modern OS (like FreeBSD) where ISNs are random, the possibility of blindly spoofing an IP during a 3-way handshake is so low as to be effectively impossible. Yes, it _can_ be done, but the effort required makes it not an effective method of attack. -- Bill Moran Collaborative Fusion Inc. http://people.collaborativefusion.com/~wmoran/ [EMAIL PROTECTED] Phone: 412-422-3463x4023 _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
