Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

firewall-wizards logo Firewall Wizards mailing list archives

TCP segments with overlapping data
From: miedaner <miedaner () mold appliedtheory com>
Date: Mon, 03 Dec 2001 18:37:14 -0500
Hi All,

I am getting IDS messages that say that there are TCP segments with
overlapping data.

The vendor indicates the following:

"Data in TCP connections is broken  into packet-sized segments for
transmission. The target host must
 reassemble these segments into a contiguous stream to deliver it to an
application."

Besides my confusion on the language here...

Has anybody seen this?

My question is what is TCP overlapping data?
Assuming a layer 2 problem: Is it that the offset in the IP header is
overlapping for a packet with the same ID?

What is the vulnerability associated?

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]