Security Flaw Warning Prompts Fixes

Netcraft says most TCP sessions are short-lived, so the vulnerability had little impact, though certain critical protocols, such as Border Gateway Protocol (BGP), depend on long-lived sessions. Netcraft said the weakness can be addressed by using MD5 authentication to secure BGP sessions, a step most Internet service providers never take because an exploit seemed mathematically implausible.

Watson’s exploit, however, makes attacking the vulnerability much faster, especially for attackers controlling “bot networks” of compromised machines.

Watson announced plans on March 14 to present a paper about his findings at the CanSecWest conference, held yesterday. Prior to the presentation, Watson had shared his plans with government security officials in the US and the UK, who organized a response with major vendors such as Savvis. Bill Hancock, chief security officer for Savvis, said in the report that his company implemented fixes for the holes last weekend. The fixes were based on the information Watson passed along, Hancock said.
