Is Your e3000 Environment Secure? - by Mark Bixby
Is Your e3000 Environment Secure? - HPWorld 2003 page 55August 14, 2003
MPE TCP vulnerable to sequence
number spoofing
§MPE TCP sequence numbers are predictable and can
enable a hacker to impersonate your e3000 in order to
exploit trust relationships
§For more info on TCP sequence spoofing, see:
http://www.sans.org/rr/threats/intro_spoofing.php
§Patches are available to randomize MPE initial TCP
sequence numbers:
– 6.5: NSTHD00 (GR)
– 7.0: NSTHD01 (GR)
– 7.5: NSTHD02 (GR)