Bugtraq: Re: A new TCP/IP blind data injection technique?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: A new TCP/IP blind data injection technique?

From: Casper Dik <casper () holland sun com>
Date: Thu, 11 Dec 2003 18:17:41 +0100

On Thu, Dec 11, 2003 at 12:28:28AM +0100, Michal Zalewski wrote:

  2. Random IP ID numbers, a feature of some systems (OpenBSD?), although also
     risky (increasing reassembly collission probability), make the attack
     more difficult.


FreeBSD also has the option of randomizing the IP ID.


Solaris uses a different IP ID sequence for each system it
communicates with; you'll need to be able to see the packets
go by (in which case TCP splicing is child's play).

Casper

By Date By Thread

Current thread:

Re: A new TCP/IP blind data injection technique?, (continued)
- Re: A new TCP/IP blind data injection technique? Nick Cleaton (Dec 11)
  - Re: A new TCP/IP blind data injection technique? Valdis . Kletnieks (Dec 11)
    - Re[2]: A new TCP/IP blind data injection technique? Marius Huse Jacobsen (Dec 13)
  - Breaking the checksum (a new TCP/IP blind data injection technique) Michal Zalewski (Dec 15)
- Re: A new TCP/IP blind data injection technique? Kris Kennaway (Dec 11)
  - Re: A new TCP/IP blind data injection technique? Casper Dik (Dec 11)
- RE: A new TCP/IP blind data injection technique? David Gillett (Dec 11)
- Message not available
  - Message not available
    - Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 12)
    - Re: A new TCP/IP blind data injection technique? Barney Wolff (Dec 12)
    - Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 12)
    - Re: A new TCP/IP blind data injection technique? Stephen Frost (Dec 12)