Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: TCP Header manipulation of the protocol field
From: "Michael Burns" <burnsey () sp-uk com>
Date: Wed, 4 Feb 2004 11:43:10 -0000

Sorry for the confusion, I was meaning the IP header and not TCP header
as we are working with the ESP protocol type.

Regards

Mike

-----Original Message-----
From: ucanBbreached [mailto:ucanbbreached () cox net] 
Sent: 04 February 2004 04:24
To: Michael Burns; pen-test () securityfocus com
Subject: RE: TCP Header manipulation of the protocol field

Don't know what you are really doing with TCP and ESP.  If ESP you are
using
is a proprietary protocol then disregard following.

ESP is used for encryption in the IPSec stack.  IPSec does not utilize
TCP,
it uses the IP protocol and the UDP protocol if using IKE (ISAKMP).  you
might want to know something different for a reason I am not aware of,
so
smack me if above was common knowledge for you.

James

-----Original Message-----
From: Michael Burns [mailto:mburns () sp-uk com]
Sent: Friday, January 30, 2004 11:09 AM
To: pen-test () securityfocus com
Subject: TCP Header manipulation of the protocol field


Hi Guys,

Sorry for this kind of request (well not really, not if I get the
answer). I need to manipulate the protocol field of a TCP session to
test for IP protocol filtering across a non-managed link. This is
predominantly to help test/prove filtering in place when running ESP.

I simply need to get a pointer to somewhere to look up as I've hit a
brick wall at the minute.

Predominantly the test environment will be from Windows platforms but
can also be from Linux.

Cheers,

Mike



**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.

www.mimesweeper.com
**********************************************************************


------------------------------------------------------------------------
---
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault