Security Basics mailing list archives
RE: *warning* student question
From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 20 Jan 2004 08:22:20 -0800
What on earth is a "random CRC"? A CRC is a value calculated using a specific algorithm. A recipient that wants to validate the CRC executes the same algorithm and either arrives at the same result, or does not. IF it's a CRC, then the interloper can (and must) recalculate it as part of tweaking the packet. I haven't looked closely at this part of IPv6. It's possible that this value depends on some kind of key that is not present in the packet itself. If that's true, then (a) only the end-point recipient can check it, so it can't be dropped by routers as "invalid", and (b) it's not really a CRC, it's probably a "hash". In no case, however, is it "random". David Gillett
-----Original Message----- From: Aaron Scribner [mailto:awscrib () comcast net] Sent: January 19, 2004 09:55 To: security-basics () securityfocus com Subject: *warning* student question I have been lurking on this list for about 3 months now....and I am more clueless now than when I signed up. One day talking to my prof after a UNIX/TCP class, we started talking about raw socket programming. My prof introduced the idea of being able to program with raw sockets to "hijack" a connection. He presented this to a buddy of mine and I as a self-study in the Network Lab. Basically, be able to get into a system without a trace and be able to receive the packets back. I know you can change the IP and MAC ID of the IP header, but then you have to worry about the random CRC of IPv6 (and being on this list and reading, I found out most routers will just drop invalid packets). I COMPLETELY have not a clue where to start. I read whatever I could get my hands on over the winter break, but I know nothing when it comes to network security, just network communication through code. I have a background in c/c++ and a couple years of game development (then went back to school after the game flopped), so network security is far from my specialty. The point of this email, is this even possible to accomplish? We have another project that we can work on that we will be able to complete to 85% no problems. Should we attempt to take on the "network hijacking" project or just look at something else. I do not need a solution to the problem, as that would defeat the purpose of the class, just curious if anyone has researched this or attempted to do it themselves. Thanks for the bandwidth, Aaron -------------------------------------------------------------- ------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! -------------------------------------------------------------- --------------
--------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- Re: Auditing / Logging Don Parker (Jan 12)
- Re: Auditing / Logging R. DuFresne (Jan 12)
- <Possible follow-ups>
- Re: Auditing / Logging Don Parker (Jan 12)
- RE: Auditing / Logging eeefm (Jan 13)
- Re: Auditing / Logging Frank Knobbe (Jan 13)
- Re: Auditing / Logging Mike Hoskins (Jan 13)
- RE: Auditing / Logging Rob Shein (Jan 19)
- *warning* student question Aaron Scribner (Jan 19)
- RE: *warning* student question David Gillett (Jan 20)
- RE: *warning* student question Aaron Scribner (Jan 20)
- Re: *warning* student question Karma (Jan 20)
- RE: Auditing / Logging Steve Armstrong (Jan 19)
- RE: Auditing / Logging Rob Shein (Jan 19)