[Fwd: Re: Real connection spoofing (Firewall Tester)]

From: Burak DAYIOGLU (dayiogluat_private)
Date: Wed Sep 26 2001 - 22:53:08 PDT


    Andrea Barisani wrote:
    > Client (ftest.pl) ---> Firewall ---> Sniffer (ftestd.pl)
    > 1 - The client (ftest.pl) sends a Syn packet with a custom payload
    > (Question: is inserting data in a Syn packet legal?)
    
    Data is allowed. If the receiving party supports T/TCP, it may save
    the data to be used after the 3-way handshake. If the receiving party
    does not support T/TCP, the data will simply be discarded without any
    notification to the sender.
    
    > The problem is that between step 2 and step 3 the spoofed address will
    > send a valid RST back to the sniffer, the firewall will see it and we
    > can't proceed.
    
    I didn't understand this point. If the spoofed source address for the
    connection is on the sniffer side of the connection, you shouldn't
    expect a reply back unless the firewall is in bridging mode.
    
    cheers.
    -- 
    Burak DAYIOGLU
    Phone: +90 312 2103379   Fax: +90 312 2103333
           http://www.dayioglu.net
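
Since the message above confirms that a SYN may legally carry data, a sniffer or IDS on the far side of the firewall can look for exactly that. The following is an added example, not part of the original message and not code from ftest.pl or ftestd.pl: it parses raw IPv4 packets and reports initial SYN segments that carry a payload. The function names, sample packets, addresses and payload string are all constructed for illustration.

```python
import struct

SYN, ACK = 0x02, 0x10

def syn_payload(packet: bytes):
    """Payload of an initial SYN (SYN set, ACK clear) in a raw IPv4 packet.
    Returns b"" for a data-less SYN, None for anything else or malformed input."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    total_len, = struct.unpack("!H", packet[2:4])
    frag, = struct.unpack("!H", packet[6:8])
    if ihl < 20 or packet[9] != 6 or frag & 0x1FFF:
        return None                      # bad header, not TCP, or a later fragment
    if total_len > len(packet) or total_len < ihl + 20:
        return None                      # truncated capture or no room for a TCP header
    tcp = packet[ihl:total_len]
    doff = (tcp[12] >> 4) * 4            # TCP header length including options
    if doff < 20 or doff > len(tcp):
        return None
    flags = tcp[13]
    if flags & SYN and not flags & ACK:
        return tcp[doff:]
    return None

def syns_with_data(packets):
    """(index, payload length) for every initial SYN that carries data."""
    return [(i, len(d)) for i, d in enumerate(map(syn_payload, packets)) if d]

def build(flags, payload=b"", options=b""):
    """Constructed IPv4/TCP packet for the demo; checksums are left at zero
    because syn_payload() does not verify them. Addresses are documentation ranges."""
    tcp = struct.pack("!HHIIBBHHH", 40000, 21, 1000, 0,
                      ((20 + len(options)) // 4) << 4, flags, 8192, 0, 0)
    tcp += options + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return ip + tcp

SAMPLES = [                               # constructed traffic, not a real capture
    build(SYN, b"constructed-probe", options=b"\x02\x04\x05\xb4"),  # SYN + MSS + data
    build(SYN),                           # ordinary SYN
    build(SYN | ACK, b"x"),               # SYN/ACK, not an initial SYN
    build(ACK | 0x08, b"USER anonymous\r\n"),  # established-connection data
]

print(syns_with_data(SAMPLES))            # only the first sample is reported
```

The payload length is derived from the IP total length minus both header lengths, so TCP options in the SYN (such as MSS) are not mistaken for data.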
    
    



    This archive was generated by hypermail 2b30 : Thu Sep 27 2001 - 10:49:08 PDT