Thanks Randy, your changes have been committed after testing. John > Randy Chou wrote: > >> Hi, >> >> I had some comments regarding the plugin: "racoon_cookie_malloc_dos.nasl" >> >> >> The script as is does: >> >> 1. create udp >> - send initiator packet >> - recv responder packet >> 2. create udp >> - send malicious packet >> - recv malicious packet >> 3. repeat #1 w/ new UDP port and expect a packet >> >> >> Note that #2 and #3 create a new source UDP port while the icookie is >> still the same. I don't believe the VPN server needs to reply in #3 >> to the port recv'd in #3 as it has the same icookie as #1 until such >> exchange times out (20-60 seconds later). >> >> I would suggest changing the logic in #3 to: >> >> - reuse udp port from #1 and expect a packet. >> >> Here is the diff: >> >> diff racoon_cookie_malloc_dos.nasl >> ../plugins_orig/racoon_cookie_malloc_dos.nasl >> 97,99c97,99 >> < soc2 = open_sock_udp(port); >> < send(socket:soc2, data:req); >> < r = recv(socket:soc2, length:1024); >> --- >> >>> soc = open_sock_udp(port); >>> send(socket:soc, data:req); >>> r = recv(socket:soc, length:1024); >> >> 102c102 >> < # reuse the original port >> --- >> >>> soc=open_sock_udp(port); >> >> >> >> >> Regards, >> >> >> -- >> Randy >> > > _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Sat Nov 13 2004 - 13:50:08 PST