Re: IP number question
From: Walter Roberson (roberson_at_ibd.nrc-cnrc.gc.ca)
Date: 01/27/05
- Next message: roberto: "Question - Controlling home page in corporate/enterprise environments"
- Previous message: Walter Roberson: "Re: IP number question"
- In reply to: Michael J. Pelletier: "Re: IP number question"
- Next in thread: Lassi Hippeläinen: "Re: IP number question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 27 Jan 2005 16:45:56 GMT
In article <6d0Kd.10797$rw.4141@fed1read04>,
Michael J. Pelletier <mjpelletier@mjpelletier.com> wrote:
|Walter Roberson wrote:
|> :I am talking about TCP.
|> :In order for you to establish a TCP connection you must have an in and
|> :out route due to the fact that it is a duplex connection.
|> Not strictly true, but close enough -- there are ways that can work
|> to send data through TCP connections even if you never see the reply,
|> but they are trickier than if you can get the replies.
|If you are talking about timed TCP spoofing it is quite difficult....I have
|only been able to do it once...but that is off the topic...
The timing is pretty lax: you usually have a number of minutes
before the other end will time out the connection. In the meantime
you can send responses with a range of sequence numbers, and the target
system will just ignore the ones with the incorrect sequence number
and will accept the one that has the valid sequence number.
It does down to detecting the initial sequence-number randomization
pattern (which 'nmap' is good at probing), and good knowledge of
exactly how the target system replies... the contents of a reply
might vary over time [e.g., a different spool number or a different
time/date reported] but the byte-counts usually stay the same and
it is the byte counts that are important for TCP sequence numbers.
Or so the theory goes. I haven't ever made the attempt myself.
-- What is "The Ultimate Meme"? Would it, like Monty Python's "The World's Funniest Joke", lead to the deaths of everyone who encountered it? Ideas *have* lead to the destruction of entire cultures. -- A Child's Garden Of Memes
- Next message: roberto: "Question - Controlling home page in corporate/enterprise environments"
- Previous message: Walter Roberson: "Re: IP number question"
- In reply to: Michael J. Pelletier: "Re: IP number question"
- Next in thread: Lassi Hippeläinen: "Re: IP number question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
