|
Dailydave
mailing list archives
Re: This guy cracks me up.
From: Bill Weiss <houdini+dailydave () clanspum net>
Date: Tue, 5 Sep 2006 14:42:04 +0000
Just one question, inlined.
johnny cache(johnycsh () gmail com)@Mon, Sep 04, 2006 at 07:17:27PM -0700:
1) set up a netcat udp listener on the victim centrino box. (Why
you actually need a listener is beyond me, but it seems to help)
I don't understand what this means. Does it mean that the victim
computer *must* be running a netcat udp listener for the attack to
work? If so, how would this be exploited in the wild?
No, in theory no open TCP/UDP ports should be required. Your wireless
device driver has no idea what layer 4 ports are open and it should be
treating all data packets the same at this point. My guess is that
having an open port influences the delicate timing I described earlier.
(content removed)
If you were to implement this using a patched kernel, or found some
other way to inject packets at a faster rate, I suspect no open ports
would be required. Hard to say for sure though.
Have you tried the in-kernel "packet generator"? The docs seem to say
that it can generate traffic quickly. I haven't had a reason to play
with it yet so I can't say if it would serve the purpose.
--
Bill Weiss
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
 By Date 
By Thread
Current thread:
Re: This guy cracks me up. Teemu Schaabl (Sep 04)
Re: This guy cracks me up. johnny cache (Sep 04)
- Re: This guy cracks me up. Bill Weiss (Sep 05)
This guy cracks me up. johnny cache (Sep 05)
Re: This guy cracks me up. Randy Mueller (Sep 05)
| 
Intro
