| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.BSI.4.58.0409221004360.23430@malasada.lava.net> Date: Wed, 22 Sep 2004 10:06:40 -1000 (HST) From: Tim Newsham <newsham@...a.net> To: fenfire@...esend.de Cc: bugtraq@...urityfocus.com Subject: Re: ICMP spoofed source tunneling > On Tue, Sep 21, 2004 at 08:55:04PM +0400, Max Tulyev wrote: > > Let's imagine in Net a hacker having his source server(S), destination > > server(D), and a ip-capable device - victim(V). S sends to V spoofed ICMP > > echo request packet containing IP source address of D, and the data in > > Payload. > > > > When V receiving that packet, it sends ICMP echo-reply packet to D, AND > > FORWARDS TO D ALL DATA IN PAYLOAD! > > This could also be used by peer-to-peer networks to achieve sender > anonymity. (Of course you could also directly send UDP packets with forged > source addresses...) How does this give anonymity? When sending to the server, I must use the servers address as a source address. When the server replies to me, it must use my address as a source address. Maybe the two addresses dont appear in the same packet at the same time, but they're there. This might fool a few people when used a few times, but it will hardly fool everyone when it is in widespread use. Tim N.
Powered by blists - more mailing lists