Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-Disclosure] ICMP Covert channels question

from [cyberpixl] Network Security [Permanent Link]
Subject: [Full-Disclosure] ICMP Covert channels question
Date: Fri, 28 Jan 2005 23:45:00 +0100 
I've been doing some research on creating covert channels using icmp
packets and a bounce server and so far everything worked fine. I can
contact my web server through a bounce server outside of my network
(like www.google.com or whatever). In my current setup both client and
target are located in the same network and comunicate through the
bounce server using icmp packets.

Now, would it be possible to access a server behind a firewall, that
normally isn't accessable, using this technique, if i'm outside of the
target network?

Assume there is a local machine (our target) with ip 192.168.0.2 that
is connected to the internet using a router 192.168.0.1/88.88.88.88
(that is not blocking icmp packets) and my machine is say,
33.33.33.33. If i then send an icmp packet to the 88.88.88.88 router
with source ip set to 192.168.0.2, would it forward that packet to the
host in its local network, or will it discard it? Is there any way to
deliver my packet to that local machine?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-Disclosure] [ GLSA 200501-40 ] ngIRCd: Buffer overflow, Thierry Carrez
Next by Date:  Re: [Full-Disclosure] NAT router inbound network traffic subversion, Darren Bounds
Previous by Thread:  [Full-Disclosure] [ GLSA 200501-40 ] ngIRCd: Buffer overflow, Thierry Carrez
Next by Thread:  Re: [Full-Disclosure] ICMP Covert channels question, Andrew Farmer
Indexes:  [Date] [Thread] [Top] [All Lists]