nanog mailing list archives
Re: Land Protection for Cisco
From: Jim Shankland <jas () flyingfox com>
Date: Fri, 21 Nov 1997 14:47:04 -0800 (PST)
Paul D. Robertson <root () gannett com> writes:
Has anyone tried [the "land" attack] sourced and destined for different interfaces on the same box? My test gear is all tied up right now, and I'd rather not test on a production box.
It is highly unlikely that this would work. The essence of the attack is creating a TCP connection in which (src-ip, src-port) is equal to (dst-ip, dst-port), so that the box's responses on that TCP circuit reappear as input from the "peer". This won't happen if src-ip != dst-ip, even if both ip's are associated with the same box. Jim Shankland Flying Fox Computer Systems, Inc.
Current thread:
- Land Protection for Cisco Ken Harris (Nov 21)
- Re: Land Protection for Cisco Paul D. Robertson (Nov 21)
- Re: Land Protection for Cisco bcurnow (Nov 21)
- <Possible follow-ups>
- Re: Land Protection for Cisco Jim Shankland (Nov 21)