lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <B55BFB7ED1ADA449B1FC6241C36DA7A88EFDC0@SINMUMEX001.TechMahindra.com>
Date: Wed, 23 May 2007 20:57:33 +0530
From: "Mohit Kohli" <mkohli@...hMahindra.com>
To: "Ivan ." <ivanhec@...il.com>
Cc: full-disclosure@...ts.grok.org.uk, pen-test@...urityfocus.com,
	vuln-dev@...urityfocus.com, seclists@...eticon.de
Subject: Re: TCP/IP vulnerability


Ivan

Thanks for the reply but have some concerns...
1)Tearn drop and land attack work on win 95 server,how to exploits this vulnerability or its variant on windows 2000 or linux.

Do we have any other vulnerability in TCP/IP apart of listed below...


Cheers,

Mohit 
-----Original Message-----
From: Ivan . [mailto:ivanhec@...il.com]
Sent: Wed 5/23/2007 5:34 AM
To: Mohit Kohli
Cc: seclists@...eticon.de; full-disclosure@...ts.grok.org.uk; pen-test@...urityfocus.com; vuln-dev@...urityfocus.com
Subject: Re: [Full-disclosure] TCP/IP vulnerability
 
dude, check out Fernando Gont site

http://www.gont.com.ar/tools/icmp-attacks/index.html

cheers
Ivan

On 5/22/07, Mohit Kohli <mkohli@...hmahindra.com> wrote:
>
>
>
>
> Hi Guys,
>
>
>
> I got an assignment to write a white paper on TCP/IP and to show demo on how to exploits the same.
>
>
>
> I have listed some of the vulnerability, but need some good tools (preferably windows based) to exploit the vulnerability and to perform further analysis.
>
>
>
> overlapping IP fragments
> Tear Drop
> Land
> SYN Attack
> Ping Flooding
> IP Spoofing
>
> SYN Guessing
>
> Smurf Attack
>
> Source Routing
> TCP Hijacking
>
> Man-in-the-Middle Attack
>
>
>
> I will appreciate; if you could provide me some inputs with regards to tools to exploits the vulnerability.
>
>
>
> Cheers
>
>
>
> Mohit
>
>
>
>
>
>
> ============================================================================================================================
>
>  Disclaimer:
>
>  This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review at http://www.techmahindra.com/Disclaimer.html externally and http://tim.techmahindra.com/Disclaimer.html internally within Tech Mahindra.
>
>  ============================================================================================================================
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



============================================================================================================================
 
Disclaimer:

This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review at <a href="http://www.techmahindra.com/Disclaimer.html">http://www.techmahindra.com/Disclaimer.html</a> externally and <a href="http://tim.techmahindra.com/Disclaimer.html">http://tim.techmahindra.com/Disclaimer.html</a> internally within Tech Mahindra.

============================================================================================================================
Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ