[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] Attacks based on predictable process IDs??
- To: Full Disclosure <full-disclosure@lists.netsys.com>
- Subject: [Full-Disclosure] Attacks based on predictable process IDs??
- From: Brett Hutley <brett@hutley.net>
- Date: Wed, 26 Nov 2003 11:32:01 +1100
Folks, does anyone know why predictable process IDs are considered harmful?
I can see that there could be the possibility of a compromise if your
cryptographic PRNGs are seeded using a process ID.
Does anyone know of any other types of attacks?
Cheers, Brett
--
Brett Hutley [MAppFin,CISSP,SANS GCIH]
mailto:brett@hutley.net
http://hutley.net/brett
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html