Re: address spoof/no return packets

Aleph One (aleph1@dfw.net)
Tue, 24 Jan 1995 19:01:26 -0600 (CST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: der Mouse: "Re: Recent troubles"
Previous message: Perry E. Metzger: "Re: Blind IP Spoofing Attacks."
In reply to: Christopher Klaus: "Re: address spoof/no return packets"

On Mon, 23 Jan 1995, Christopher Klaus wrote:

> 
> If you simulate a connection from trusted host and trusted account to
> something like the rsh port with the following command:
> 
> echo "+ +" > .rhosts
> 
> The attacker doesn't need to see the reply packets, but now he/she is
> able to rlogin/rsh in from anywhere. 
>

This is asuming that you can reach the r-commands deamons to begin with.
If the firewall filters those then you can still only have a one way
connection to the machine.

a1
http://underground.org

Next message: der Mouse: "Re: Recent troubles"
Previous message: Perry E. Metzger: "Re: Blind IP Spoofing Attacks."
In reply to: Christopher Klaus: "Re: address spoof/no return packets"