* Christopher Klaus says: * > To fully fix the problem will require all the vendors to come out with * > kernel patches to make the TCP sequence numbering difficult to * > guess, * Even that is insufficient, actually. If you see a packet going by, you * can still try to jam the works up and steal the connection anyway. The * only permanent solution is a cryptographic security protocol for the * net -- one is actually in the works now in the IETF. * Perry There's a protocol being touted by Netcape Communications Corportation (formerly Mosaic Communications Corportation) which is supposedly strong enough to conduct commerce over. It's description is in a document with all the RFC-bound trappings, located on http://www.mcom.com/ someplace. I'm not a member of the Brainiac Protocol Busters Club, but the protocol looks pretty good to me. In lieu of the IETF protocol, has anybody spotted flaws in the SSL ? It's up and working now, apparently. Richard