Security Basics mailing list archives

Re: *warning* student question


From: "Karma" <steve () frij com>
Date: Tue, 20 Jan 2004 18:35:35 +1100

Just think that each TCP packet has a signature that says it belongs to a
session. Read up on what offsets of the packets represent what flags, for
example where is SYN or Sequence Number, Data, Length etc. When you start
understanding how these interact in a TCP session, all will fall together in
place.

If you can craft a packet, any packet, then you can use it to your
advantage, and assume yourself to be from another source IP, and assume a
live session etc.

A simple analogy: think of it as if you are hijacking an IM between user A
and B, you craft a packet using the credentials or what have you as User B
and start sending packets to user A.




----- Original Message ----- 
From: "Aaron Scribner" <awscrib () comcast net>
To: <security-basics () securityfocus com>
Sent: Tuesday, January 20, 2004 4:54 AM
Subject: *warning* student question


I have been lurking on this list for about 3 months now....and I am more
clueless now than when I signed up.

One day talking to my prof after a UNIX/TCP class, we started talking about
raw socket programming.  My prof introduced the idea of being able to
program with raw sockets to "hijack" a connection.  He presented this to a
buddy of mine and I as a self-study in the Network Lab.  Basically, be able
to get into a system without a trace and be able to receive the packets
back.  I know you can change the IP and MAC ID of the IP header, but then
you have to worry about the random CRC of IPv6 (and being on this list and
reading, I found out most routers will just drop invalid packets).  I
COMPLETELY have not a clue where to start.  I read whatever I could get my
hands on over the winter break, but I know nothing when it comes to network
security, just network communication through code.  I have a background in
c/c++ and a couple years of game development (then went back to school
after the game flopped), so network security is far from my specialty.

The point of this email, is this even possible to accomplish?  We have
another project that we can work on that we will be able to complete to 85%
no problems.  Should we attempt to take on the "network hijacking" project
or just look at something else.  I do not need a solution to the problem,
as that would defeat the purpose of the class, just curious if anyone has
researched this or attempted to do it themselves.

Thanks for the bandwidth,

Aaron
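
The header offsets mentioned in the reply above, shown as an added example that is not part of either message: a parser for the fixed 20-byte TCP header (RFC 793) and a simplified form of the receiver's sequence-window check, which is what ties a segment to a live session. The sample bytes and all names are constructed for illustration, and the window check assumes a non-zero receive window.

```c
#include <stddef.h>
#include <stdint.h>

/* Fields of the fixed 20-byte TCP header (RFC 793), in host byte order. */
struct tcp_fields {
    uint16_t src_port, dst_port;
    uint32_t seq, ack;
    unsigned hdr_len;   /* header length in bytes (data offset * 4) */
    uint8_t  flags;     /* FIN=0x01 SYN=0x02 RST=0x04 PSH=0x08 ACK=0x10 URG=0x20 */
    uint16_t window;
};

#define TCP_SYN 0x02
#define TCP_ACK 0x10

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | p[3];
}

/* Parse a TCP header; returns 0 on success, -1 if truncated or malformed. */
int tcp_parse(const uint8_t *buf, size_t len, struct tcp_fields *out)
{
    if (len < 20) return -1;
    out->src_port = be16(buf);                     /* offset 0  */
    out->dst_port = be16(buf + 2);                 /* offset 2  */
    out->seq      = be32(buf + 4);                 /* offset 4  */
    out->ack      = be32(buf + 8);                 /* offset 8  */
    out->hdr_len  = (unsigned)(buf[12] >> 4) * 4;  /* offset 12, high nibble */
    out->flags    = buf[13] & 0x3f;                /* offset 13, six flag bits */
    out->window   = be16(buf + 14);                /* offset 14 */
    if (out->hdr_len < 20 || out->hdr_len > len) return -1;
    return 0;
}

/* Simplified RFC 793 receiver test: rcv_nxt <= seq < rcv_nxt + rcv_wnd.
 * Unsigned subtraction makes the comparison safe across 32-bit wrap-around. */
int seq_in_window(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    return (uint32_t)(seq - rcv_nxt) < rcv_wnd;
}

/* Constructed sample: SYN+ACK, ports 80 -> 49152, seq 0x01020304. */
const uint8_t sample_hdr[20] = {
    0x00, 0x50, 0xc0, 0x00, 0x01, 0x02, 0x03, 0x04,
    0x0a, 0x0b, 0x0c, 0x0d, 0x50, 0x12, 0x20, 0x00,
    0x00, 0x00, 0x00, 0x00
};
```

A receiver discards segments whose sequence number fails this window test, which is why a segment has to match the session's current state and not just its addresses and ports.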







