Vulnerability Development mailing list archives

Re: help: raw_ip socket and system implication

From: Mordechai Ovits <movits () bloomberg com>
Date: Tue, 20 Nov 2001 11:54:40 -0500

On Tuesday 20 November 2001 11:36, qgiorgi () respublica fr wrote:

hello,

I am trying to figure out a problem i have seen with a
tcp/ip stack of an equipement, but i need some help in
order to finish my C code :) I read this mailing-list
for quite a long time and i am sure there are some
gurus here :))

I successfully emulate a tcp client for the three
handshake with raw-ip socket (with all the tcp options,
seq num etc.. i wanted ), but when i received the
second packet the system send also a RST back to the
host i am trying to connect to, which is for my system
point of view an unsollicited SYN/ACK packet.

so i have
-> SYN
<- SYN/ACK
-> RST ( system part )  :(
-> ACK ( my prog )
...

Does anybody have a mean to prevent the system to send
this RST ?

Any help will be appreciated :)

Quentin.


Use some form of IP filtering.  IPchains or iptables (on Linux) can be used 
to cause the OS to ignore all packets from your target.

Worked for me,
Mordy
-- 
Mordy Ovits            Bad Password:
Network Security    nds09813-050
Bloomberg L.P.

Current thread:

help: raw_ip socket and system implication qgiorgi () respublica fr (Nov 20)
- Re: help: raw_ip socket and system implication Marc Soda (Nov 20)
  - RE: help: raw_ip socket and system implication Dom De Vitto (Nov 21)
- Re: help: raw_ip socket and system implication Mordechai Ovits (Nov 20)
- Re: help: raw_ip socket and system implication Brian O'Berry (Nov 20)
- Re: help: raw_ip socket and system implication Dug Song (Nov 20)
- Re: help: raw_ip socket and system implication Izik (Nov 20)
- Re: help: raw_ip socket and system implication Dmitriy Kropivnitskiy (Nov 30)