Re: the next generation of nuke.c

der Mouse (mouse@Collatz.McRCIM.McGill.EDU)
Thu, 26 Jan 1995 10:12:23 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Timothy Newsham: "Re: Chances of guessing?"
Previous message: Michael B. Dilger: "Notes from Tsutomu's Talk"
Maybe in reply to: Scott D. Yelich: "the next generation of nuke.c"
Next in thread: smb@research.att.com: "Re: the next generation of nuke.c"

> More of a denial of service attack, but with the current discussion
> on bugtraq/firewalls regarding sequence number guessing, I thought
> I'd put forward a method on killing an established TCP connection,
> [...send FIN/ACK packets...]

Why not just fire off a few RST segments?  If you see a segment fly by,
it's really easy to synthesize an RST segment to blow away whichever
end of the connection you please; all you have to do is make the
sequence number correct.  (This is easiest when you want to RST the end
that sent the segment you eavesdropped on.)

					der Mouse

			    mouse@collatz.mcrcim.mcgill.edu

Next message: Timothy Newsham: "Re: Chances of guessing?"
Previous message: Michael B. Dilger: "Notes from Tsutomu's Talk"
Maybe in reply to: Scott D. Yelich: "the next generation of nuke.c"
Next in thread: smb@research.att.com: "Re: the next generation of nuke.c"