Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: RE: help: raw_ip socket and system implication

RE: help: raw_ip socket and system implication

From: Mike Price <mike.price_at_foundstone.com>
Date: Fri, 30 Nov 2001 14:34:58 -0800

you can also borrow an unused ip address on the same subnet as the host you
are sending from and set this as the source ip for the outbound traffic (use
the same mac address as your source host). Then capture packets sent to your
host with the destination ip set to the one you are borrowing. your tcp
stack will be unaware of this borrowed ip and wont send a RST.

-mike

-----Original Message-----
From: Dmitriy Kropivnitskiy [mailto:dkropivnitskiy_at_tigertesting.com]
Sent: Friday, November 30, 2001 11:19 AM
To: vuln-dev_at_securityfocus.com
Subject: Re: help: raw_ip socket and system implication

I am not sure, I have never tried to do this but looking at the kernel
source
one notices that in include/linux/socket.h among the options for send()
there are
a couple called MSG_RST and MSG_SYN. They don't seem to appear anywhere else
in the
kernel source and I couldn't find any docs on them. Otherwise it seems that
what
you need is somehow register your connection with the kernel.

On Tue, Nov 20, 2001 at 05:36:23PM +0100, qgiorgi_at_respublica.fr wrote:
> hello,
>
> I am trying to figure out a problem i have seen with a
> tcp/ip stack of an equipement, but i need some help in
> order to finish my C code :) I read this mailing-list
> for quite a long time and i am sure there are some
> gurus here :))
>
> I successfully emulate a tcp client for the three
> handshake with raw-ip socket (with all the tcp options,
> seq num etc.. i wanted ), but when i received the
> second packet the system send also a RST back to the
> host i am trying to connect to, which is for my system
> point of view an unsollicited SYN/ACK packet.
>
> so i have
> -> SYN
> <- SYN/ACK
> -> RST ( system part ) :(
> -> ACK ( my prog )
> ...
>
> Does anybody have a mean to prevent the system to send
> this RST ?
>
> Any help will be appreciated :)
>
> Quentin.
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Découvrez sur Respublica et sur les sites du Groupe Tiscali France
> une barre de navigation pour accéder en 1 clic aux meilleurs contenus
> et services du Web.
>
> http://www.libertysurf.fr/minisite/
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
Received on Dec 01 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos