Patch for iptables (Linux firewall)

Malcolm malcolm.parsons at gmail.com
Thu Oct 25 00:10:09 CEST 2007


On 24/10/2007, Stefan Sperling <stsp at stsp.name> wrote:
> On Wed, Oct 24, 2007 at 09:58:26PM +0200, Stefan Sperling wrote:
> > No, and I was talking nonsense anyway since you cannot
> > spoof a TCP connection (which telnet requires).
> > You'd never get the ACK :)
>
> Mmmh on the other hand you might not care about the ACK.

You can open a TCP connection without receiving the ACK if you can reliably
guess the initial sequence number contained in the ACK.

Linux uses a good random number generator, so we're probably safe.

-- 
Malcolm Parsons
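
The point made in the message above, as an added example that is not part of the original post: a server completes the handshake only when the final ACK acknowledges its own initial sequence number plus one, so a sender that never sees the SYN-ACK has to predict that number. The simulation sends no packets and compares a constructed fixed-step counter with an RFC 6528 style keyed hash, used here as one illustration of an unpredictable generator and not as a description of the Linux code. Class names, addresses (documentation ranges) and the step size are assumptions.

```python
import hashlib
import hmac
import os

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around

class CounterISN:
    """Predictable model (constructed): one global counter, fixed step per connection."""
    def __init__(self, start=1000, step=64000):
        self.value, self.step = start, step
    def next_isn(self, four_tuple):
        self.value = (self.value + self.step) % MOD
        return self.value

class KeyedISN:
    """RFC 6528 style: ISN = timer + F(4-tuple, secret). The timer is simplified to a tick."""
    def __init__(self):
        self.secret, self.tick = os.urandom(16), 0
    def next_isn(self, four_tuple):
        self.tick = (self.tick + 1) % MOD
        mac = hmac.new(self.secret, repr(four_tuple).encode(), hashlib.sha256)
        return (self.tick + int.from_bytes(mac.digest()[:4], "big")) % MOD

def server_accepts(server_isn, ack_number):
    """The final ACK of the handshake must acknowledge the server's ISN + 1."""
    return ack_number == (server_isn + 1) % MOD

def blind_acks_accepted(gen, trials=200):
    """Count handshakes completed by a sender that never sees the SYN-ACK.

    The sender observes ISNs on two connections from its own address,
    extrapolates linearly, and uses the result for a third connection
    whose SYN-ACK is delivered to a different (spoofed) source address.
    """
    own = ("198.51.100.7", 40000, "192.0.2.1", 23)
    spoofed = ("203.0.113.9", 40000, "192.0.2.1", 23)
    accepted = 0
    for _ in range(trials):
        first = gen.next_isn(own)
        second = gen.next_isn(own)
        guess = (second + (second - first)) % MOD
        hidden_isn = gen.next_isn(spoofed)  # only the server knows this value
        accepted += server_accepts(hidden_isn, (guess + 1) % MOD)
    return accepted

if __name__ == "__main__":
    print("fixed-step counter:", blind_acks_accepted(CounterISN()), "of 200 accepted")
    print("keyed hash:        ", blind_acks_accepted(KeyedISN()), "of 200 accepted")
```

With the keyed generator, the offset for the spoofed 4-tuple is unrelated to the offset the sender observed on its own connections, so extrapolating from its own ISNs tells it nothing.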


