It's not tcp header len that is amiss.
You need to force the ip_len field to 40 (20 bytes IP hdr, 20 bytes TCP header without options), or let nessus automatically compute it.

Aman

On Thu, 28 Mar 2002, Bobby, Paul wrote:

> Here is my simple program.
>
> # Sending raw packets
>
> seq = rand();
>
> ip1 = forge_ip_packet (
>         ip_hl:5,
>         ip_v:4,
>         ip_tos:0,
>         ip_len:20,
>         ip_id:69,
>         ip_off:0,
>         ip_ttl:200,
>         ip_p:IPPROTO_TCP,
>         ip_src:this_host()
> );
> tcp1 = forge_tcp_packet (
>         ip:ip1,
>         th_sport:1234,
>         th_dport:80,
>         th_flags:TH_SYN,
>         th_seq:seq,
>         th_ack:0,
>         th_x2:0,
>         th_off:0,
>         th_win:2048,
>         th_urp:0
> );
>
> send_packet(tcp1,pcap_active:FALSE);
>
> When I run nasl -t target script, and sniff, the packet goes out on the
> wire, but ethereal decodes the packet with the following error:
>
> "Bogus TCP Header length (0, must be at least 20)"
>
> Indeed, if the SYN was sent to my destination on port 80, I should receive a
> SYN/ACK back from the destination, but nothing is received.
>
> Within Nasl however, I'm unable to set the header length. It does not appear
> to be auto-calculated.
>
> Paul
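The length fields discussed in this thread can be checked offline. The following Python sketch is an added example, not code from either poster or from Nessus: it packs the script's header values into raw bytes and reports which length fields are inconsistent. The function names, the fixed sequence number and the 192.0.2.x addresses are assumptions made for the illustration; th_off counts 32-bit words, so 5 means a 20-byte TCP header.

```python
import struct

def build_headers(ip_len, th_off):
    """Pack IPv4 + TCP headers using the script's field values (constructed sample).
    Addresses are documentation addresses; checksums are left at 0."""
    ip = struct.pack("!BBHHHBBH4s4s",
                     (4 << 4) | 5,       # ip_v:4, ip_hl:5
                     0, ip_len, 69, 0,   # ip_tos, ip_len, ip_id, ip_off
                     200, 6, 0,          # ip_ttl, ip_p (TCP), checksum
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    tcp = struct.pack("!HHIIBBHHH",
                      1234, 80,          # th_sport, th_dport
                      0x01020304, 0,     # th_seq (fixed here), th_ack
                      th_off << 4,       # data offset in 32-bit words, th_x2:0
                      0x02, 2048, 0, 0)  # TH_SYN, th_win, checksum, th_urp
    return ip + tcp

def check_lengths(pkt):
    """Return the length inconsistencies found in a raw IPv4/TCP packet."""
    ver_ihl, _tos, ip_len = struct.unpack("!BBH", pkt[:4])
    ip_hdr = (ver_ihl & 0x0F) * 4
    if len(pkt) < ip_hdr + 20:
        return ["packet too short to hold a minimal TCP header"]
    problems = []
    tcp_hdr = (pkt[ip_hdr + 12] >> 4) * 4
    if ip_len != len(pkt):
        problems.append(f"ip_len is {ip_len} but packet is {len(pkt)} bytes")
    if tcp_hdr < 20:
        problems.append(f"TCP header length {tcp_hdr}, must be at least 20")
    elif ip_len < ip_hdr + tcp_hdr:
        problems.append(f"ip_len {ip_len} cannot hold {ip_hdr}+{tcp_hdr} header bytes")
    return problems

if __name__ == "__main__":
    # (ip_len, th_off): as posted, ip_len set to 40 only, and both set
    for ip_len, th_off in [(20, 0), (40, 0), (40, 5)]:
        result = check_lengths(build_headers(ip_len, th_off))
        print(f"ip_len:{ip_len} th_off:{th_off} ->", result or "consistent")
```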
