RE: TCP/IP Vulnerability

Hi,
why don't you try to use something like backtrak live cd:

http://www.remote-exploit.org/backtrack.html

cheers





--

Paolo Riviello

Mob. +39.328.1749468
Home: http://www.paoloriviello.com
E-mail: paolo@xxxxxxxxxxxxxxxxx
E-mail & msn: pao_rivi@xxxxxxxxxxx
Skype: pao_rivi

If men could get pregnant, abortion would be a sacrament. -H-





From: mohit701@xxxxxxxxx
To: vuln-dev@xxxxxxxxxxxxxxxxx
Subject: TCP/IP Vulnerability
Date: 22 May 2007 12:35:41 -0000

Hi Guys,



I got an assignment to write a white paper on TCP/IP and to show demo on how to exploits the same.



I have listed some of the vulnerability, but need some good tools (preferably windows based) to exploit the vulnerability and to perform further analysis.



overlapping IP fragments
Tear Drop
Land
SYN Attack
Ping Flooding
IP Spoofing
SYN Guessing

Smurf Attack

Source Routing
TCP Hijacking
Man-in-the-Middle Attack



I will appreciate; if you could provide me some inputs with regards to tools to exploits the vulnerability.

Cheers,
Mohit

_________________________________________________________________
Quale attrice a 31 anni ha già ottenuto 5 nomination agli oscar? http://search.live.com/results.aspx?q=kate+winslet&form=QBRE&lf=1&go.x=14&go.y=8

Relevant Pages

  • Re: [fw-wiz] Variations of firewall ruleset bypass via FTP
    ... didn't carry through CERT- While Mikael was nice enough to code up "proof ... instead of the "produce attack code and announce the problem method.) ... but frankly all these folks (indeed also IPF) are his ... I'm willing to admit the risk assessment and the vulnerability ...
    (Firewall-Wizards)
  • RE: how to verify whether an attack attempt is successful?
    ... Certainly the techniques of combining vulnerability assessment data with ... attack information is an excellent way to determine success. ... if its behind an in-line network IPS and there ... play into the accuracy and usefulness of the 'success' metrics your IDS ...
    (Focus-IDS)
  • RUS-CERT Advisory 2001-08:01
    ... Vulnerabilities in several Apache authentication modules ... vulnerable to a remote SQL code injection attack. ... SQL statements or cause the database query for the password to return ... In the MySQL and Oracle cases, the impact of the vulnerability is ...
    (Bugtraq)
  • [Full-disclosure] dt_guestbook version 1.0f XSS vulnerability
    ... fully-featured message board system with admin interface. ... flaws it is possible for the remote attacker to conduct XSS attacks. ... This vulnerability can be exploited only when PHP register_globals is ... Vulnerability Impact: Attack ...
    (Full-Disclosure)
  • [NEWS] Nokia GGSN (IP650 Based) DoS
    ... Latest attack techniques. ... Nokia's GGSN is the ... There exists a vulnerability in the TCP stack that allows an attacker to ... * Nokia GGSN ...
    (Securiteam)