Re: ICMP spoofed source tunneling

fenfire_at_abwesend.de
Date: 09/22/04

  • Next message: steve menard: "Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes"
    Date: Wed, 22 Sep 2004 12:33:50 +0200
    To: bugtraq@securityfocus.com
    
    

    On Tue, Sep 21, 2004 at 08:55:04PM +0400, Max Tulyev wrote:
    > Let's imagine in Net a hacker having his source server(S), destination
    > server(D), and a ip-capable device - victim(V). S sends to V spoofed ICMP
    > echo request packet containing IP source address of D, and the data in
    > Payload.
    >
    > When V receiving that packet, it sends ICMP echo-reply packet to D, AND
    > FORWARDS TO D ALL DATA IN PAYLOAD!

    This could also be used by peer-to-peer networks to achieve sender
    anonymity. (Of course you could also directly send UDP packets with forged
    source addresses...)


  • Next message: steve menard: "Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes"

    Relevant Pages

    • RE: Packet Payload
      ... storage you would need and if it would cause a packet loss issue. ... concerned about then I would really look a doing some sort of capture. ... Subject: Packet Payload ... Cenzic Hailstorm finds vulnerabilities fast. ...
      (Pen-Test)
    • Re: Packet Manipulation advice request.
      ... > payload of a known UDP packet. ... not sure whether IPTables could be used. ... > will manipulate the payload of the packet by replacing current padding ...
      (comp.os.linux.networking)
    • Re: Packet Manipulation advice request.
      ... > payload of a known UDP packet. ... not sure whether IPTables could be used. ... > will manipulate the payload of the packet by replacing current padding ...
      (comp.os.linux.security)
    • Re: Should I be concerned about?
      ... snort -- snort has the capability to parse the payload of Destination ... Type:3 Code:13 DESTINATION UNREACHABLE: PACKET FILTERED ... > send data to a trojan (listening for ICMP traffic on the target machine)? ...
      (Incidents)
    • Re: Heartbleed
      ... packet itself, and therefore can't be faked - when the transmit is over, ... and the checksum is correct, ... originally was a payload size field and still is considered to be ... Well, this is supposed to be an IP packet, so the EtherType will be 0x0800 ...
      (comp.arch)