> More of a denial of service attack, but with the current discussion > on bugtraq/firewalls regarding sequence number guessing, I thought > I'd put forward a method on killing an established TCP connection, > [...send FIN/ACK packets...] Why not just fire off a few RST segments? If you see a segment fly by, it's really easy to synthesize an RST segment to blow away whichever end of the connection you please; all you have to do is make the sequence number correct. (This is easiest when you want to RST the end that sent the segment you eavesdropped on.) der Mouse mouse@collatz.mcrcim.mcgill.edu