mailing list archives
TCP/IP security vulnerability disclosed
From: "J. Oquendo" <sil () infiltrated net>
Date: Tue, 01 Apr 2008 08:05:59 -0400
Infiltrated Networks Vulnerability Disclosure
TCP/IP is broken
Transmission Control Protocol/Internet Protocol is the basic
communication language or protocol of the Internet. It can also be used
as a communications protocol in a private network (either an intranet or
an extranet). When you are set up with direct access to the Internet,
your computer is provided with a copy of the TCP/IP program just as
every other computer that you may send messages to or get information
from also has a copy of TCP/IP.
TCP/IP is a two-layer program. The higher layer, Transmission Control
Protocol, manages the assembling of a message or file into smaller
packets that are transmitted over the Internet and received by a TCP
layer that reassembles the packets into the original message. The lower
layer, Internet Protocol, handles the address part of each packet so
that it gets to the right destination. Each gateway computer on the
network checks this address to see where to forward the message. Even
though some packets from the same message are routed differently than
others, they'll be reassembled at the destination.
TCP/IP uses the client/server model of communication in which a computer
user (a client) requests and is provided a service (such as sending a
Web page) by another computer (a server) in the network. TCP/IP
communication is primarily point-to-point, meaning each communication is
from one point (or host computer) in the network to another point or
By disconnecting the client between a connection, the server can no
longer reach its destination thus breaking TCP/IP.
A remote or local attacker can unplug an ethernet cable, unplug a switch
or router or bring down an interface and disrupt TCP/IP services.
We are currently working to develop and implement a new RFC labeled
TCP/IP HOKE - Transmission Control Protocol/Internet Protocol Hamster
Operated Kintec Energy.
TCP/IP HOKE will allow hamsters to act as a medium between an end users
failed equipment (RJ45, Routers, etal).
It is unnecessary to use relativistic mechanics (the theory of
relativity as expounded by Albert Einstein) to calculate the kinetic
energy created by little hamsters. We just know that if those fuzzy
little rats run fast enough, they can generate enough kinetic energy for
a brief duration of time. Long enough perhaps for an end user to replace
an ethernet cable, reboot a router, etal.
Every interconnected computer on the planet.
This document was written by an undercaffeinated engineer.
If you have feedback, comments, or additional information about this
vulnerability, please keep them to yourself.
SGFA #579 (FW+VPN v4.1)
SGFE #574 (FW+VPN v4.1)
wget -qO - www.infiltrated.net/sig|perl
Description: S/MIME Cryptographic Signature
- TCP/IP security vulnerability disclosed J. Oquendo (Apr 01)