As dinsdag tussen 16:00 en 17:00 wordt er in de tweede kamer de bewaarplicht behandeld .. Heeft iemand meer info over wat er op de planning staat qua informatie verstrekking aan 2de kamer leden of protest/informatieve actie ? Gaan er mensen vanuit ISP-land naar Den Haag om het geheel aan te horen ? http://www.bezwaarplicht.nl/ http://www.bof.nl/fabels.html http://www.bof.nl/verkeersgegevens.html Met vriendelijke groeten, Erik Bais -------- I S - I N T E R N E D - S E R V I C E S - B V -------- domeinregistratie - webhosting - colocating - dedicated servers www.is.nl - info at is.nl - T: 0299-476185 Gorslaan 18 - 1441 RG - Purmerend ---------------------------------------------------------------
Title: NISCC Vulnerability Advisory ICMP - 532967 Abstract: ICMP is the control protocol for IP (Internet Protocol), a core network protocol used in the majority of networked computer systems today. Most vendors include support for this protocol in their products and may be impacted to varying degrees. Furthermore any network service or application that relies on a long-lived TCP connection will also be impacted if the host processes ICMP messages in accordance with RFC 1122. For the Source Quench attack the severity will depend on the throughput of the TCP connection; the application may well become unusable. Vendors affected: multiple Operating Systems affected: multiple Applications/Services affected: multiple Zie verder: http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html?lang=en
On Tue, Apr 12, 2005 at 02:54:54PM +0200, G.J. Moed wrote:
Zie verder: http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html?lang=en
532967/NISCC/ICMP/2 CVE number: CAN-2004-1060 In the case where a host complies with RFC 1191 ("Path MTU Discovery"), it is possible to use the blind connection-reset attack with a ICMP Type 3 Code 4 packet and the addition of the "next-hop MTU" field in the ICMP header set to a value of 68 (octets) to slow down the transmission rate for traffic from the host. Net even vluchtig doorgelezen. Dit is niet *zomaar* te doen aangezien RFC1191 voorschrijft dat de header + eerste 64 bits van het originele packet worden meegestuurd. Elke sane ip-stack zal daar op controleren. -- Sabri Berisha, - CCNA, JNCIA #747 Internetworking Professional - +31 (0) 6 19890416 http://www.cluecentral.net - http://www.virt-ix.net
True, maar toch: Vendors affected: multiple Operating Systems affected: multiple Applications/Services affected: multiple ben benieuwd ;-) oftewel, wie hebben er geen 'sane' ip-stack... Sabri Berisha wrote:
On Tue, Apr 12, 2005 at 02:54:54PM +0200, G.J. Moed wrote:
Zie verder: http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html?lang=en
532967/NISCC/ICMP/2 CVE number: CAN-2004-1060
In the case where a host complies with RFC 1191 ("Path MTU Discovery"), it is possible to use the blind connection-reset attack with a ICMP Type 3 Code 4 packet and the addition of the "next-hop MTU" field in the ICMP header set to a value of 68 (octets) to slow down the transmission rate for traffic from the host.
Net even vluchtig doorgelezen. Dit is niet *zomaar* te doen aangezien RFC1191 voorschrijft dat de header + eerste 64 bits van het originele packet worden meegestuurd. Elke sane ip-stack zal daar op controleren.
On 12 apr 2005, at 15:08, G.J. Moed wrote:
maar toch: Vendors affected: multiple Operating Systems affected: multiple Applications/Services affected: multiple
ben benieuwd ;-) oftewel, wie hebben er geen 'sane' ip-stack...
Via-via heb ik al gehoord dat JunOS 6.2 niet kwetsbaar is hiervoor. Groeten, -- Niels Bakker Tel: +31 205 141 716 Amsterdam Internet Exchange Mobile: +31 651 902 772 http://www.ams-ix.net/ E-mail: Niels.Bakker at ams-ix.net
Het duurde even voor dat ie er stond: http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml Sabri Berisha wrote:
On Tue, Apr 12, 2005 at 02:54:54PM +0200, G.J. Moed wrote:
Zie verder: http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html?lang=en
532967/NISCC/ICMP/2 CVE number: CAN-2004-1060
In the case where a host complies with RFC 1191 ("Path MTU Discovery"), it is possible to use the blind connection-reset attack with a ICMP Type 3 Code 4 packet and the addition of the "next-hop MTU" field in the ICMP header set to a value of 68 (octets) to slow down the transmission rate for traffic from the host.
Net even vluchtig doorgelezen. Dit is niet *zomaar* te doen aangezien RFC1191 voorschrijft dat de header + eerste 64 bits van het originele packet worden meegestuurd. Elke sane ip-stack zal daar op controleren.
participants (4)
-
erik@is.nl -
gjmoed@xenosite.net -
niels.bakker@ams-ix.net -
sabri@cluecentral.net