Curt Wilson wrote:

> In the mailing for the Black Hat briefings, there is
> mention of a "blind IP spoofing portscan tool" or
> something along those lines. I'm curious about this
> tool, what is its name and what is the mechanism by
> which it works? I'd guess that it's something involving
> other elements of the IP stack or some tool that uses
> a 3rd party system to check IP IDs, sequence
> numbers, ICMP responses or something along those
> lines.

Yes, it involves reading the reset ID of a static machine while spoofing that one ... can be done with hping2 .. hehe =)

Although Thomas Ollaffsson has made an extremely efficient and good version for Windows which is automatic (which he is releasing on Black Hat).

Be aware that you can pull this out on Linux, Solaris and Windows, so no static Windows machine is needed, just a static machine.

The slides will be online, I assume. If you want more technical explanation, please let me know outside the list =)

> I'd be interested to know more information, please
> share if you have this knowledge.

Enrique A. Sanchez Montellano
Chief Technical Officer
Defcom Spain

This archive was generated by hypermail 2b30 : Thu Jun 14 2001 - 10:35:40 PDT