Full Disclosure mailing list archives
Re: A new TCP/IP blind data injection technique?
From: Mikael Abrahamsson <swmike () swm pp se>
Date: Thu, 11 Dec 2003 21:42:27 +0100 (CET)
On Thu, 11 Dec 2003 Valdis.Kletnieks () vt edu wrote:
1) Disable all ICMP, so the ICMP Frag Needed packets don't make it back, thus hosing the connection entirely (send too large packet, frag needed, ICMP dropped, timeout, retransmit, lather, rinse, repeat). 2) Number their point-to-points out of RFC1918 space, so the ICMP Frag Needed gets swallowed by some border router that's doing reasonable ingress/egress filtering.
Well, actually as far as I have seen the bad thing when pmtud doesnt work is often your server farm load sharer that wont forward the icmp message to the appropriate server in the farm. So a lot of the technology used out there doesnt even by design take ICMP NEED TO FRAG-messages into account when they do things. It's not just clueless admins, it's clueless designers of equipment. -- Mikael Abrahamsson email: swmike () swm pp se _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: A new TCP/IP blind data injection technique?, (continued)
- Re: A new TCP/IP blind data injection technique? Casper Dik (Dec 11)
- Re: A new TCP/IP blind data injection technique? Shachar Shemesh (Dec 11)
- Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 11)
- Re: A new TCP/IP blind data injection technique? Shachar Shemesh (Dec 11)
- Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 11)
- Re: A new TCP/IP blind data injection technique? Barney Wolff (Dec 12)
- Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 12)
- Re: A new TCP/IP blind data injection technique? Stephen Frost (Dec 12)
- Re: A new TCP/IP blind data injection technique? Jeff Kell (Dec 12)
- Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 11)
- Re: A new TCP/IP blind data injection technique? Mikael Abrahamsson (Dec 11)
- Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 13)
- Re: A new TCP/IP blind data injection technique? Valdis . Kletnieks (Dec 13)
- Re: A new TCP/IP blind data injection technique? Michael Gale (Dec 13)
- Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 14)
- Re: A new TCP/IP blind data injection technique? Michael Gale (Dec 15)
- Re: A new TCP/IP blind data injection technique? Michal Zalewski (Dec 15)
- Re: A new TCP/IP blind data injection technique? Michael Gale (Dec 15)
- Breaking the checksum (a new TCP/IP blind data injection technique) Michal Zalewski (Dec 14)