Hi, I had some comments regarding the plugin: "racoon_cookie_malloc_dos.nasl" The script as is does: 1. create udp - send initiator packet - recv responder packet 2. create udp - send malicious packet - recv malicious packet 3. repeat #1 w/ new UDP port and expect a packet Note that #2 and #3 create a new source UDP port while the icookie is still the same. I don't believe the VPN server needs to reply in #3 to the port recv'd in #3 as it has the same icookie as #1 until such exchange times out (20-60 seconds later). I would suggest changing the logic in #3 to: - reuse udp port from #1 and expect a packet. Here is the diff: diff racoon_cookie_malloc_dos.nasl ../plugins_orig/racoon_cookie_malloc_dos.nasl 97,99c97,99 < soc2 = open_sock_udp(port); < send(socket:soc2, data:req); < r = recv(socket:soc2, length:1024); --- > soc = open_sock_udp(port); > send(socket:soc, data:req); > r = recv(socket:soc, length:1024); 102c102 < # reuse the original port --- > soc=open_sock_udp(port); Regards, -- Randy _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Fri Nov 12 2004 - 19:11:35 PST