Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: ICMP spoofed source tunneling

from [raiblehugo] Network Security [Permanent Link]
Subject: Re: ICMP spoofed source tunneling
Date: 24 Sep 2004 13:43:04 -0000 
In-Reply-To: <20040922203047.GA16153@nenya.lan>


On Wed, Sep 22, 2004 at 10:06:40AM -1000, Tim Newsham wrote:

How does this give anonymity?  When sending to the server, I must use the
servers address as a source address.  When the server replies to me, it
must use my address as a source address.


Yes - you cannot use this in both directions:

- In the server->client direction, the server can spoof IP source 
  addresses.

- In the client->server direction, you need to use multi-level "anonymous 
  proxying", as used by several current P2P implementations (Gnutella for
  queries, Freenet, GNUnet etc).

The advantage of this is that the available bandwidth can be fully utilized
in the server->client direction, but at the same time the server IP address
can remain unknown to the client. With current P2P systems, server->client
proxying significantly reduces the download bandwidth.

In practice, implementing this will be fairly complicated because you end
up re-implementing TCP over a highly asymmetric connection.


I remember a discussion (in German) about this some time ago, also discussing 
congestion problems. See 
http://www.heise.de/newsticker/foren/go.shtml?read=1&msg_id=2617169&forum_id=36041

Babelfish translated: 
http://babelfish.altavista.com/babelfish/trurl_pagecontent?url=http%3A%2F%2Fwww.heise.de%2Fnewsticker%2Fforen%2Fgo.shtml%3Fread%3D1%26msg_id%3D2617169%26forum_id%3D36041&lp=de_en

Enjoy!

Hugo
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Microsoft's GDI Detetection Tool faults, John Bissell
Next by Date:  Re: Microsoft's GDI Detetection Tool faults, Gadi Evron
Previous by Thread:  Re: ICMP spoofed source tunneling, Dave Paris
Next by Thread:  Netscape NSS Library Vulnerability Affects Sun Java Enterprise System, Jérôme
Indexes:  [Date] [Thread] [Top] [All Lists]