Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PEN-TEST] Exploiting sequence number predictability

From: Ben Lull <blull () VALLEYLOCAL COM>
Date: Mon, 21 Aug 2000 18:43:46 -0700
l0rtamus prime wrote:



I am interested in learning more about this subject.  I know nothing about
it and feel that I need to.   Does anyone have any documents that will
explain this to me from ground 0?


Search engines are our friends =)

But to tide you over until you make friends here are some links on different
types of spoofing (I'm sure allot of others will find the information useful as
well)...


Linux Blind TCP Spoofing
http://packetstorm.securify.com/spoof/ip-spoof-guides/spoofing.tcp.blind.linux.txt

This one seems to be a beginners guide to TCP spoofing (haven't read this, just
found it)
http://packetstorm.securify.com/papers/protocols/whatuneed.txt

I believe I've skimmed this paper in the near past... If i remember correctly,
it gave not so detailed explanations, but a general overview (but I'm probably
wrong).
http://packetstorm.securify.com/papers/protocols/ipext.ps

A paper simply entitled "Sequence Number Attacks" (Haven't read this one either)

http://packetstorm.securify.com/docs/hack/sequence_attacks.txt

And of course... check out.  This I'm guessing (noting the URL) is all the IP
spoofing guides on packetstorm.
http://packetstorm.securify.com/spoof/ip-spoof-guides/


Just as a general statement... packetstorm does have a wealth of information (as
well as many other sites).  I figure spending a few days just constantly reading
the articles and examining the source on their archives you could learn allot.
Take notes!! =)

Thanks,
Ben Lull

***
* Ben Lull
* Valley Local Internet, Inc.
* Systems Administrator
***
Previous By Date Next
Previous By Thread Next

Current thread: