Hi,
I was reading Comer's Internetworking with TCP/IP. It has an
interesting question - How does sending an IP packet to a non-existent
host on remote Ethernet cause excess broadcast traffic on that
network?
And what can be done to prevent it?
Thanks
Re: Question on Network Security ... host on remote Ethernet cause excess broadcast traffic on that ... The packet gets to the router, ... is no host of that name in the network,... (comp.os.linux.security)
Re: Strange pings from 127.0.0.1 ... I know you said the MAC address is also spoofed but this might help anyway: ... that are reporting port scans to their network all of which have a source ...Infected host picks address as source address and sends Syn packet to ... TCP/IP stack receives packet, responds with reset (if there is nothing ... (Security-Basics)
[Full-disclosure] Making unidirectional VLAN and PVLAN jumping bidirectional ... Wepwedgie, a tool by Anton Rager for traffic injection on 802.11 networks protected by WEP, solves the problem of unidirectional communication by bouncing packets from the target host to a third external host under the attackers control. ... We employ exactly the same principle to bypass both VLAN and PVLAN network segmentation.... The attacker tags his malicious data with two 802.1q tags and sends the packet with a spoofed source IP of a host under his or her control. ... (Full-Disclosure)
Making unidirectional VLAN and PVLAN jumping bidirectional ... Wepwedgie, a tool by Anton Rager for traffic injection on 802.11 networks protected by WEP, solves the problem of unidirectional communication by bouncing packets from the target host to a third external host under the attackers control. ... We employ exactly the same principle to bypass both VLAN and PVLAN network segmentation.... The attacker tags his malicious data with two 802.1q tags and sends the packet with a spoofed source IP of a host under his or her control. ... (Bugtraq)
Re: Tons of Source port 80 to random Dest Port Traffic ... from the same consumer DSL equipment) that have a src port of 80 and a ...Host is not a proxy, just a firewalled webserver with only port 80 ... ACK is the first reply packet when attempting to establish a TCP ... From Q1, Q2, If the host is not a proxy server and there are SYN packets.... (Security-Basics)
