Re: Analysis of "stacheldraht"

From: Jordan Ritter (jpr5at_private)
Date: Fri Dec 31 1999 - 11:34:52 PST

Next message: Dave Dittrich: "Re: Analysis of "stacheldraht""

Previous message: LaMont Jones: "Re: Fix for HP-UX automountd/autofs exploit (fwd)"
Maybe in reply to: Dave Dittrich: "Analysis of "stacheldraht""
Next in thread: Dave Dittrich: "Re: Analysis of "stacheldraht""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

# Programs like "ngrep" do not process ICMP packets, so you will not as
# easily (at this point in time) be able to watch for strings in the data
# portion of the ICMP packets (except using the patches to tcpshow from
# Appendix C and patches to sniffit provided in the analysis of TFN).

The latest version of ngrep (1.35) does in fact match ICMP, and has been out
for some time now.


--jordan

Next message: Dave Dittrich: "Re: Analysis of "stacheldraht""
Previous message: LaMont Jones: "Re: Fix for HP-UX automountd/autofs exploit (fwd)"
Maybe in reply to: Dave Dittrich: "Analysis of "stacheldraht""
Next in thread: Dave Dittrich: "Re: Analysis of "stacheldraht""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:25:21 PDT