Hello,
When a TCP connection is established between 2 computers, it is known that
it can be broken with a hand-made ICMP packet sent to one of the computers
by a third one, saying that the port it is connected to is unreachable (this
one works, maybe other errors work too).
The ICMP packet must contain the IP header of the packet which triggered its
emission plus the first eight bytes of IP data.
This is enough to identify which connection is concerned.
My question is why the network layer doesn't take more care of some other
fields than the ones strictly necessary (like the IP identification field, or
the TCP sequence number for TCP connections) to prevent these attacks from
succeeding (they just have the client port to guess if they know what service
you are using (without sniffing, of course)).
Phil
PS: these attacks don't seem to work on the (buggy) Windows 95 telnet
client, but I don't know whether it's because of a network layer that takes
care of ID fields or because of a network layer that doesn't care
about ICMP for TCP connections. Ideas?
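
The stricter check asked about above, as an added example that is not part of the original post: the first eight bytes of quoted IP data hold the TCP source port, destination port and sequence number, so a receiver can also require that the quoted sequence number belongs to data it has sent and not yet had acknowledged. The `conn` structure, its field names and the sample addresses are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical sender-side connection state; field names are assumptions. */
struct conn {
    uint32_t laddr, raddr;      /* local/remote IPv4 address, host order */
    uint16_t lport, rport;      /* local/remote TCP port */
    uint32_t snd_una, snd_nxt;  /* oldest unacked / next sequence number to send */
};
enum verdict { ACCEPT, MALFORMED, NOT_TCP, WRONG_CONN, SEQ_NOT_IN_FLIGHT };

static uint32_t rd(const uint8_t *p, int n) {   /* read n big-endian bytes */
    uint32_t v = 0;
    while (n--) v = v << 8 | *p++;
    return v;
}

/* q = bytes quoted in the ICMP error: original IP header + first 8 data bytes */
enum verdict check_quote(const struct conn *c, const uint8_t *q, size_t len) {
    if (len < 20 || (q[0] >> 4) != 4) return MALFORMED;
    size_t ihl = (size_t)(q[0] & 0x0f) * 4;
    if (ihl < 20 || len < ihl + 8) return MALFORMED;
    if (q[9] != 6) return NOT_TCP;               /* IP protocol 6 = TCP */
    const uint8_t *t = q + ihl;                  /* ports + sequence number */
    /* The quoted packet is one we sent, so its source must be our side. */
    if (rd(q + 12, 4) != c->laddr || rd(q + 16, 4) != c->raddr ||
        rd(t, 2) != c->lport || rd(t + 2, 2) != c->rport)
        return WRONG_CONN;
    /* Quoted seq must be unacknowledged: snd_una <= seq < snd_nxt (mod 2^32) */
    if (rd(t + 4, 4) - c->snd_una >= c->snd_nxt - c->snd_una)
        return SEQ_NOT_IN_FLIGHT;
    return ACCEPT;
}

/* Constructed sample: client 192.0.2.1:1025 -> telnet server 192.0.2.2:23 */
enum verdict sample(uint16_t quoted_sport, uint32_t quoted_seq) {
    struct conn c = { 0xC0000201, 0xC0000202, 1025, 23, 5000, 5100 };
    uint8_t q[28] = { 0x45, [9] = 6, [12] = 192, 0, 2, 1, 192, 0, 2, 2,
                      [22] = 0, 23 };
    q[20] = (uint8_t)(quoted_sport >> 8);  q[21] = (uint8_t)(quoted_sport & 0xff);
    for (int i = 0; i < 4; i++) q[24 + i] = (uint8_t)(quoted_seq >> (24 - 8 * i));
    return check_quote(&c, q, sizeof q);
}

int main(void) {
    printf("in-flight seq: %d, stale seq: %d\n", sample(1025, 5040), sample(1025, 1));
    return 0;
}
```

With only the address and port comparison, the quote carrying sequence number 1 would have been accepted; the sequence check rejects it unless the number falls in the 100-byte window of outstanding data.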