Ethereal-dev: Re: [Ethereal-dev] Detecting TCP Timestamp PAWS DoS from tracefile

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "Alok" <alokdube@xxxxxxxxxx>
Date: Sun, 7 Aug 2005 15:11:44 +0530
If the "sequence number" is not validated, how is the window destroyed?? :-)
Say for example I have host A and host B
i send some random "acks nums" to B with some random seqeunce nums
pretending to be A
now
a. B wll check the ack num ,else the ack has no meaning and it will not
honor the "bits" ;-), now how do i get the ack nums correct?
b. or are you saying the tsval is treated orthogonal to the sequence number?

----- Original Message ----- 
From: "J.Smith" <lbalbalba@xxxxxxxxxxx>
To: "Ethereal development" <ethereal-dev@xxxxxxxxxxxx>
Sent: Sunday, August 07, 2005 2:46 PM
Subject: Re: [Ethereal-dev] Detecting TCP Timestamp PAWS DoS from tracefile


> Alok,
>
> In certain TCP implementations sequence numbers are not properly
validated,
> so in those cases an attacker does not even need to know the correct
> sequence numbers.
>
> Sincerely,
>
> John Smith.
>
>
> ----- Original Message ----- 
> From: "Alok" <alokdube@xxxxxxxxxx>
> To: "Ethereal development" <ethereal-dev@xxxxxxxxxxxx>
> Sent: Saturday, August 06, 2005 8:22 PM
> Subject: Re: [Ethereal-dev] Detecting TCP Timestamp PAWS DoS from
tracefile
>
>
> > Thanks to Guy for the RFC,
> >
> > How can the attacker get the sequence numbers correct/within the window
> > range to be able to destroy exactly that window?
> >
> >
> >
> > _______________________________________________
> > Ethereal-dev mailing list
> > Ethereal-dev@xxxxxxxxxxxx
> > http://www.ethereal.com/mailman/listinfo/ethereal-dev
> >
>
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>