Bugtraq mailing list archives
Re: A new TCP/IP blind data injection technique?
From: Casper Dik <casper () holland sun com>
Date: Thu, 11 Dec 2003 18:17:41 +0100
On Thu, Dec 11, 2003 at 12:28:28AM +0100, Michal Zalewski wrote:2. Random IP ID numbers, a feature of some systems (OpenBSD?), although also risky (increasing reassembly collission probability), make the attack more difficult.FreeBSD also has the option of randomizing the IP ID.
Solaris uses a different IP ID sequence for each system it communicates with; you'll need to be able to see the packets go by (in which case TCP splicing is child's play). Casper
Current thread:
- A new TCP/IP blind data injection technique? Michal Zalewski (Dec 10)
- Re: A new TCP/IP blind data injection technique? Nick Cleaton (Dec 11)
- Re: A new TCP/IP blind data injection technique? Valdis . Kletnieks (Dec 11)
- Re[2]: A new TCP/IP blind data injection technique? Marius Huse Jacobsen (Dec 13)
- Breaking the checksum (a new TCP/IP blind data injection technique) Michal Zalewski (Dec 15)
- Re: A new TCP/IP blind data injection technique? Valdis . Kletnieks (Dec 11)
- Re: A new TCP/IP blind data injection technique? Kris Kennaway (Dec 11)
- Re: A new TCP/IP blind data injection technique? Casper Dik (Dec 11)
- RE: A new TCP/IP blind data injection technique? David Gillett (Dec 11)
- Message not available
- Message not available
- Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 12)
- Re: A new TCP/IP blind data injection technique? Barney Wolff (Dec 12)
- Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 12)
- Re: A new TCP/IP blind data injection technique? Stephen Frost (Dec 12)
- Message not available
- Re: A new TCP/IP blind data injection technique? Nick Cleaton (Dec 11)
- <Possible follow-ups>
- RE: A new TCP/IP blind data injection technique? Michael Wojcik (Dec 11)
- Re: A new TCP/IP blind data injection technique? stanislav shalunov (Dec 12)