> sequence number attacks because UDP doesn't have sequence numbers. To > the extent that RPC services are provided over TCP, they are vulnerable > to the sequence number attack. But what TCP RPC services could you exploit without seeing return traffic? The only ones that I could think of could be attacked *much* more efficiently with UDP equivalents (since you can spoof UDP 100% of them time but TCP sequence number guessing only a small fraction of the time). > der Mouse > mouse@collatz.mcrcim.mcgill.edu