Bugtraq: Re: A new TCP/IP blind data injection technique?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: A new TCP/IP blind data injection technique?

From: Kris Kennaway <kris () FreeBSD org>
Date: Wed, 10 Dec 2003 15:59:33 -0800

On Thu, Dec 11, 2003 at 12:28:28AM +0100, Michal Zalewski wrote:

  2. Random IP ID numbers, a feature of some systems (OpenBSD?), although also
     risky (increasing reassembly collission probability), make the attack
     more difficult.


FreeBSD also has the option of randomizing the IP ID.

Kris

By Date By Thread

Current thread:

A new TCP/IP blind data injection technique? Michal Zalewski (Dec 10)
- Re: A new TCP/IP blind data injection technique? Nick Cleaton (Dec 11)
  - Re: A new TCP/IP blind data injection technique? Valdis . Kletnieks (Dec 11)
    - Re[2]: A new TCP/IP blind data injection technique? Marius Huse Jacobsen (Dec 13)
  - Breaking the checksum (a new TCP/IP blind data injection technique) Michal Zalewski (Dec 15)
- Re: A new TCP/IP blind data injection technique? Kris Kennaway (Dec 11)
  - Re: A new TCP/IP blind data injection technique? Casper Dik (Dec 11)
- RE: A new TCP/IP blind data injection technique? David Gillett (Dec 11)
- Message not available
  - Message not available
    - Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 12)
    - Re: A new TCP/IP blind data injection technique? Barney Wolff (Dec 12)
    - Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 12)