Vulnerability Development mailing list archives
Re: forged packets?
From: taylord () INFOSECURE COM AU (David Taylor)
Date: Tue, 26 Oct 1999 08:32:34 +0800
On Mon, 25 Oct 1999, Kelvin Fu wrote:
Forgive me if Im asking a stupid question this issue has been bothering for quite some time now. Anyhow, here goes. Marc SCHAEFER recently sent a message titled ' Local user can send forged packets' to bugtraq. I quote : [snip] AFAIK, a local user ( root?) on a linux system if running nmap is able to perform decoy scans with the -D option. This option enables a user to 'spoof' his/her IP address to that of another host which will result in the spoofed Ip to appear to be scanning the victim. If Im not wrong, doesnt this ability to be able to spoof IP addresses coincide with the 'user-rawip-attack' vulnerabilty addressed by Marc?
Kelvin, nmap requires root in order to perform a -D scan. The vulnerability that Marc was telling us about was a condition where non-root users could gain access to raw IP sockets, allowing them to send forged packets. This is generally considered to be a bad thing. Regards, Dave Taylor
Current thread:
- Re: ICQ 2000, (continued)
- Re: ICQ 2000 Bernie Cosell (Oct 27)
- Re: ICQ 2000 Ripple (Oct 26)
- Re: ICQ 2000 Sean Burford (Oct 26)
- stealth executables Brad Griffin (Oct 26)
- Re: stealth executables Adolfo Soto (Sep 30)
- [Fwd: ICQ 2000] Blue Boar (Oct 26)
- Re: [Fwd: ICQ 2000] Brad Griffin (Oct 27)
- Re: ICQ 2000 Blue Boar (Oct 30)
- Re: forged packets? Ron DuFresne (Oct 26)