Re: Asterisk ignoring replayed libpcap sessions

If you originally thought that a simple TCP replay, with sequence and port numbers fixed up, would always work, consider this:

-Client connects
-Server says "Say 3"
-Client says "3"
-connection continues.

So you replay that. This time:

-Server says "Say 5"
-replayed Client says "3"
-Server disconnects.

In many cases, a replayer that doesn't understand the application protocol will fail.

Now extend that to a TCP connection that does an encryption setup with a challenge-response.

BB

Relevant Pages

  • Re: block_ssh_guessers
    ... port-knocking--don't be bloody stupid. ... Care to share why you think port-knocking is stupid? ... Ever heard of the term "replay attack"? ... Ever hear of changing the sequence with each connection? ...
    (comp.os.linux.security)
  • Re: block_ssh_guessers
    ... port-knocking--don't be bloody stupid. ... Ever heard of the term "replay attack"? ... Ever hear of changing the sequence with each connection? ... What happens if somebody else uses the sequence first? ...
    (comp.os.linux.security)
  • RE: Beginner questions about backup/restore
    ... 821511 How to Replay Log Files That Have Been Generated Since the Last Full ... as long as the sequence is contiguous; ... Please do not send email directly to this alias. ...
    (microsoft.public.exchange2000.admin)
  • Re: how do I automate testing of Tk programs?
    ... IO - not GUI ... sequence of mouse clicks and keypresses so that I could replay the sequence to the Tk program under test. ...
    (comp.lang.tcl)
  • Re: Single Mailbox Restore, SINGLE server! Exchange 5.5 - VERY ur
    ... Assuming they are all in sequence, will they "replay" or commit ... automatically when the store mounts, or do I have to do something? ...
    (microsoft.public.exchange.admin)