March 16, 2001
TCP flaw may be worse than suspected
Author: JT Smith
If you thought that the TCP flaw announced earlier this week was old news, well, you're correct -- almost. The original announcement, made in 1985, did prompt software vendors to implement random incremental Initial Sequence Numbers to prevent remote attacks. However, what the latest announcement was actually saying was that crackers could still figure out the ISN by sniffing other TCP sessions. Full story at ZDNet News.