Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: help: raw_ip socket and system implication

From: Marc Soda <marc () aspre net>
Date: Tue, 20 Nov 2001 11:50:25 -0500 (EST)
The RST is coming from your own stack, which is not aware of the
connection your trying to build.  The easiest thing would probably to
set up a firewall rule to drop RSTs to that box.  Using, for example,
IPTables or IPChains if your on a Linux box.

On Tue, 20 Nov 2001, qgiorgi () respublica fr wrote:


hello, 

I am trying to figure out a problem i have seen with a 
tcp/ip stack of an equipement, but i need some help in 
order to finish my C code :) I read this mailing-list 
for quite a long time and i am sure there are some 
gurus here :)) 

I successfully emulate a tcp client for the three 
handshake with raw-ip socket (with all the tcp options, 
seq num etc.. i wanted ), but when i received the 
second packet the system send also a RST back to the 
host i am trying to connect to, which is for my system  
point of view an unsollicited SYN/ACK packet. 

so i have 
-> SYN 
<- SYN/ACK 
-> RST ( system part )  :( 
-> ACK ( my prog ) 
...

Does anybody have a mean to prevent the system to send 
this RST ? 

Any help will be appreciated :) 

Quentin. 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Découvrez sur Respublica et sur les sites du Groupe Tiscali France
une barre de navigation pour accéder en 1 clic aux meilleurs contenus 
et services du Web.

http://www.libertysurf.fr/minisite/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



-- 

Marc Soda
ASPRE, Inc.
marc () aspre net
http://www.aspre.net/
Previous By Date Next
Previous By Thread Next

Current thread: