RE: Retransmissions while blocking TCP Stack's RST?

From: Cynic (cynicat_private)
Date: Thu Oct 31 2002 - 01:08:48 PST

Next message: Cynic: "Re: Retransmissions while blocking TCP Stack's RST?"

Previous message: MA: "Re: Retransmissions while blocking TCP Stack's RST?"
Maybe in reply to: Cynic: "Retransmissions while blocking TCP Stack's RST?"
Next in thread: Cynic: "Re: Retransmissions while blocking TCP Stack's RST?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

(Attached below is a post that didn't make it to the list)

Thanks everyone for the input.
Sorry for my bad phrasing, I did intend to replay a TCP session without involving my TCP stack.
Till now, I was using tcpreplay and iptables for the job, however this still leaves the ISN problem.

Does anyone know perhaps of a commercial tool that automatically (userland..) calculates the ISN & Checksums? I believe I read somewhere that Hailstorm might do the job.
Any input appreciated, thanks for all the help.

Cynic.

--- "David Fried" <dfriedat_private> wrote:
>Cynic,
>
>See if this is what you want -
>
>Netpoke is a utility used to replay packets to a live network that were
>previously captured with the tcpdump program. It attempts to match the
>timing of the original traffic, optionally speeding it up or slowing it
>down, and can also modify the network hardware address in the replayed
>traffic. Netpoke supports multiple network interfaces allowing replayed
>packets to by injected into different points on a network based on the
>source address.
>
>http://www.ll.mit.edu/IST/ideval/tools/tools_index.html
>
>Dave Fried
>
>-----Original Message-----
>From: Cynic [mailto:cynicat_private]
>Sent: Wednesday, October 30, 2002 9:34 AM
>To: vuln-devat_private
>Subject: Retransmissions while blocking TCP Stack's RST?
>
>
>Hi,
>
>I am looking for an application for *NIX, that can replay captured packets,
>while dropping, the TCP Stacks responses.
>Let's assume I replay a SYN, and receive a SYN-ACK, my host's TCP Stack
>immediatley replies with a RST since it was not aware a connection was to be
>opened.
>So I am looking for some low-level retransmission application for *nix such
>as Network monitor for NT. (I believe it does this.)
>
>Thanks a lot!
>
>Cynic.
>
>_____________________________________________________________
>For the best in Progressive Rock on the internet, check out PROGROCK.COM!
>http://www.progrock.com
>
>_____________________________________________________________
>Select your own custom email address for FREE! Get youat_private w/No
>Ads, 6MB, POP & more! http://www.everyone.net/selectmail?campaign=tag

_____________________________________________________________
For the best in Progressive Rock on the internet, check out PROGROCK.COM!
http://www.progrock.com

_____________________________________________________________
Select your own custom email address for FREE! Get youat_private w/No Ads, 6MB, POP & more! http://www.everyone.net/selectmail?campaign=tag

Next message: Cynic: "Re: Retransmissions while blocking TCP Stack's RST?"
Previous message: MA: "Re: Retransmissions while blocking TCP Stack's RST?"
Maybe in reply to: Cynic: "Retransmissions while blocking TCP Stack's RST?"
Next in thread: Cynic: "Re: Retransmissions while blocking TCP Stack's RST?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Oct 31 2002 - 08:50:44 PST