Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] TCP/IP vulnerability

from [Mohit Kohli] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] TCP/IP vulnerability
Date: Wed, 23 May 2007 20:57:33 +0530 

Ivan

Thanks for the reply but have some concerns...
1)Tearn drop and land attack work on win 95 server,how to exploits this 
vulnerability or its variant on windows 2000 or linux.

Do we have any other vulnerability in TCP/IP apart of listed below...


Cheers,

Mohit 
-----Original Message-----
From: Ivan . [mailto:ivanhec@gmail.com]
Sent: Wed 5/23/2007 5:34 AM
To: Mohit Kohli
Cc: seclists@syneticon.de; full-disclosure@lists.grok.org.uk; 
pen-test@securityfocus.com; vuln-dev@securityfocus.com
Subject: Re: [Full-disclosure] TCP/IP vulnerability
 
dude, check out Fernando Gont site

http://www.gont.com.ar/tools/icmp-attacks/index.html

cheers
Ivan

On 5/22/07, Mohit Kohli <mkohli@techmahindra.com> wrote:





Hi Guys,



I got an assignment to write a white paper on TCP/IP and to show demo on how 
to exploits the same.



I have listed some of the vulnerability, but need some good tools (preferably 
windows based) to exploit the vulnerability and to perform further analysis.



overlapping IP fragments
Tear Drop
Land
SYN Attack
Ping Flooding
IP Spoofing

SYN Guessing

Smurf Attack

Source Routing
TCP Hijacking

Man-in-the-Middle Attack



I will appreciate; if you could provide me some inputs with regards to tools 
to exploits the vulnerability.



Cheers



Mohit






============================================================================================================================

 Disclaimer:

 This message and the information contained herein is proprietary and 
confidential and subject to the Tech Mahindra policy statement, you may 
review at http://www.techmahindra.com/Disclaimer.html externally and 
http://tim.techmahindra.com/Disclaimer.html internally within Tech Mahindra.

 
============================================================================================================================

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/





============================================================================================================================
 
Disclaimer:

This message and the information contained herein is proprietary and 
confidential and subject to the Tech Mahindra policy statement, you may review 
at <a 
href="http://www.techmahindra.com/Disclaimer.html";>http://www.techmahindra.com/Disclaimer.html</a>
 externally and <a 
href="http://tim.techmahindra.com/Disclaimer.html";>http://tim.techmahindra.com/Disclaimer.html</a>
 internally within Tech Mahindra.

============================================================================================================================
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Pentesting Openmail Web login, s-williams
Next by Date:  Re: Pentesting Openmail Web login, Brent Wolfram
Previous by Thread:  Re: [Full-disclosure] TCP/IP vulnerability, Ivan .
Next by Thread:  FINAL Call For Papers: Chaos Communication Camp 2007, Berlin, Paul Böhm
Indexes:  [Date] [Thread] [Top] [All Lists]