RE: hijacking TCP connections on FreeBSD

From: Cushing, David (David.Cushingat_private)
Date: Tue Jul 09 2002 - 10:51:10 PDT

Next message: Roland Postle: "Re: Plain text password for Microsoft (icwip.dun)"

Previous message: Steven Jones: "Plain text password for Microsoft (icwip.dun)"
Maybe in reply to: Elan Hasson: "hijacking TCP connections on FreeBSD"
Next in thread: Ryan Permeh: "RE: hijacking TCP connections on FreeBSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Is it possible to hijack established tcp connections on 
> FreeBSD? 

Sure.  Of course, it would be most impolite to do so.

> if so, how?

A good paper on the subject is:
Analysis of a Telnet Session Hijack via Spoofed MAC Addresses and Session Resynchronization (Ed Norris)

Available on the sans site (rr.sans.org) or in google cache if you don't like logging in.

> any programs in existence that do this already?

Hunt:
http://ftp.cerias.purdue.edu/pub/tools/unix/netutils/hunt/
http://packetstormsecurity.nl/sniffers/hunt/

dsniff:
http://www.monkey.org/~dugsong/dsniff/

Happy hijacking,
David

Next message: Roland Postle: "Re: Plain text password for Microsoft (icwip.dun)"
Previous message: Steven Jones: "Plain text password for Microsoft (icwip.dun)"
Maybe in reply to: Elan Hasson: "hijacking TCP connections on FreeBSD"
Next in thread: Ryan Permeh: "RE: hijacking TCP connections on FreeBSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 09 2002 - 11:55:51 PDT