[comp.protocols.tcp-ip] tcp/ip attacks

pearce@tycho.yerkes.uchicago.edu (Eric C. Pearce) (05/04/89)

We are trying to assess the risks of certain types of network attacks for
our local network.

Several attack strategies based only on the tcp/ip protocol suite were
recently described by Bellovin [ACM Computer Communication Review,
Vol. 19, No. 2, pp 32-48, April 1989].

My question is:  does anyone know of any successful or attempted
attacks on an internet host based on the generic problems with the
tcp/ip protocol suite itself, such as those described by Bellovin?

--

     - Ecp

       Eric C. Pearce, Yerkes Observatory, University of Chicago.
       pearce@tycho.yerkes.uchicago.edu  or  pearce@oddjob.uchicago.edu

boomer@athena.mit.edu (Don Alvarez) (05/05/89)

In article <PEARCE.89May4090044@tycho.yerkes.uchicago.edu>,
pearce@tycho.yerkes.uchicago.edu (Eric C. Pearce) writes:

>We are trying to assess the risks of certain types of network attacks
>for our local network. [cite's Bellovin article] My question is: does
>anyone know of any successful or attempted attacks on an internet
>host based on generic problems with the tcp/ip protocol suite
>itself, such as those described by Bellovin? 

Whether anyone *has* employed a given attack method is of principle
interest to historians.  It sounds to me like you are trying to design
a network for the future, not than discuss the one of the past.  If
you want a vote on whether people agree that the vulnerabilities he
describes are real, then you have at least one "yes" ballot.

(imagine trying to explain to your employer/users that you decided to
ignore a known weakness simply because you had never heard of anyone
exploiting it...)

ps.  For the rest of the tcp-ip community... it's an excellent paper,
and it isn't very long.  As the add says, "if you only read one paper
this year, make it _Security_Problems_in_the_TCP/IP_Protocol_Suite_,
by S.M. Bellovin in the ACM Computer Communication Review, Vol. 19,
No. 2, pp. 32-48, April 1989."
--
     + ----------------------------------------------------------- +
     |   Don Alvarez               MIT Center For Space Research   |
     |   boomer@SPACE.MIT.EDU      77 Massachusetts Ave   37-618   |
     |   (617) 253-7457            Cambridge, MA 02139             |

pnessutt@nis.mn.org (Robert A. Monio) (05/05/89)

In article <11134@bloom-beacon.MIT.EDU> boomer@space.mit.edu (Don Alvarez) writes:
>ps.  For the rest of the tcp-ip community... it's an excellent paper,
>and it isn't very long.  As the add says, "if you only read one paper
>this year, make it _Security_Problems_in_the_TCP/IP_Protocol_Suite_,
>by S.M. Bellovin in the ACM Computer Communication Review, Vol. 19,
>No. 2, pp. 32-48, April 1989."

Okay.  I want one.  How may I obtain it??

Please respond via e_mail.  Thanks for your help.

 -Bob


-- 
 Robert A. Monio                     
 National Information Services, Inc.   "The most valuable commodity that I   
 pnessutt@nis.mn.org                    can think of is information."
 ..uunet!rosevax!nis!pnessutt                 -- Gordon Gecko, Wall Street