Penetration Testing mailing list archives
RE: TCP Header manipulation of the protocol field
From: "ucanBbreached" <ucanbbreached () cox net>
Date: Tue, 3 Feb 2004 23:23:55 -0500
Don't know what you are really doing with TCP and ESP. If ESP you are using is a proprietary protocol then disregard following. ESP is used for encryption in the IPSec stack. IPSec does not utilize TCP, it uses the IP protocol and the UDP protocol if using IKE (ISAKMP). you might want to know something different for a reason I am not aware of, so smack me if above was common knowledge for you. James -----Original Message----- From: Michael Burns [mailto:mburns () sp-uk com] Sent: Friday, January 30, 2004 11:09 AM To: pen-test () securityfocus com Subject: TCP Header manipulation of the protocol field Hi Guys, Sorry for this kind of request (well not really, not if I get the answer). I need to manipulate the protocol field of a TCP session to test for IP protocol filtering across a non-managed link. This is predominantly to help test/prove filtering in place when running ESP. I simply need to get a pointer to somewhere to look up as I've hit a brick wall at the minute. Predominantly the test environment will be from Windows platforms but can also be from Linux. Cheers, Mike ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ********************************************************************** --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: TCP Header manipulation of the protocol field Michael Burns (Feb 02)
- <Possible follow-ups>
- Re: TCP Header manipulation of the protocol field Philippe Biondi (Feb 02)
- RE: TCP Header manipulation of the protocol field Michael Burns (Feb 05)
- RE: TCP Header manipulation of the protocol field ucanBbreached (Feb 05)
- RE: TCP Header manipulation of the protocol field Rob Shein (Feb 05)