Vulnerability Development mailing list archives
Re: hijacking TCP connections on FreeBSD
From: "jmiller" <secadmin () subversive cc>
Date: Tue, 9 Jul 2002 22:11:15 -0700
a man in the middle is not neccessary, you sniff the packets, spoof your ip and or mac, then dos the other box you are spoofing. there is a *nix tool that will do an arp flood, turning all switches into a hub, so you do not need to be on the same subnet either. search for it on freshmeat.net Jmiller ----- Original Message ----- From: "Ryan Permeh" <ryan () eeye com> To: <elan () compiled org>; <vuln-dev () securityfocus com> Sent: Tuesday, July 09, 2002 10:53 AM Subject: RE: hijacking TCP connections on FreeBSD
by using a man in the middle attack, you can do this. You simply need to
be
on the route between the host and the computer. I believe dsniff does
this.
Also, you may be able to do it non blindly, on the same network segment as the freebsd machine by sniffing and injecting packets, but there is more possibility of interference at that point. A protection against this is to encrypt your traffic so that neither mitm attacks nor injection attacks can adequately interrupt the packet stream. Signed, Ryan Permeh eEye Digital Security Team http://www.eEye.com/Retina -Network Security Scanner http://www.eEye.com/Iris -Network Traffic Analyzer http://www.eEye.com/SecureIIS -Stop Known and Unknown IIS Vulnerabilities -----Original Message----- From: Elan Hasson [mailto:elan () compiled org] Sent: Monday, July 08, 2002 9:49 PM To: vuln-dev () securityfocus com Subject: hijacking TCP connections on FreeBSD (I'm not sure if this is the correct list for this post) Is it possible to hijack established tcp connections on FreeBSD? if so,
how?
any programs in existence that do this already? --Elan Hasson http://www.compiled.org -- The programmer's resource.
Current thread:
- hijacking TCP connections on FreeBSD Elan Hasson (Jul 09)
- RE: hijacking TCP connections on FreeBSD Ryan Permeh (Jul 09)
- Re: hijacking TCP connections on FreeBSD jmiller (Jul 10)
- Re: hijacking TCP connections on FreeBSD martin f krafft (Jul 10)
- Re: hijacking TCP connections on FreeBSD Andreas Krennmair (Jul 10)
- Re: hijacking TCP connections on FreeBSD Ron DuFresne (Jul 10)
- Re: hijacking TCP connections on FreeBSD jmiller (Jul 10)
- Re: hijacking TCP connections on FreeBSD tide (Jul 09)
- Re: hijacking TCP connections on FreeBSD Joerg Over (Jul 09)
- Re: hijacking TCP connections on FreeBSD Bojan Zdrnja (Jul 10)
- Re: hijacking TCP connections on FreeBSD ALoR (Jul 09)
- Re: hijacking TCP connections on FreeBSD Craig (Jul 09)
- <Possible follow-ups>
- RE: hijacking TCP connections on FreeBSD Cushing, David (Jul 09)
- Re: hijacking TCP connections on FreeBSD Secterm . (Jul 10)
- RE: hijacking TCP connections on FreeBSD Ryan Permeh (Jul 09)