Ethereal-dev: Re: [Ethereal-dev] Detecting TCP Timestamp PAWS DoS from tracefile

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "J.Smith" <lbalbalba@xxxxxxxxxxx>
Date: Sun, 7 Aug 2005 20:42:21 +0200
"Alok" <alokdube@xxxxxxxxxx> wrote:

Why are you trying to figure out some way to detect
a *possible case* of a buggy implementation?


Well, I do not know how other people are using Ethereal, but to me it's primarily a troubleshooting tool. Given the fact that Ethereal's a Network Protocol Analyzer, I use it to troubleshoot the network. When trying to resolve any given problem, determining a probable cause is often the first step taken towards finding the solution.

Of course, other people may or may not have different views on that topic or different uses for Ethereal. As it is, Ethereal may or may not be the right tool for this particular job. Perhaps I should take a look at Snort - I believe it has an option for reading back tracefiles.


Thanks for all the feedback,


Sincerely,


John Smith


----- Original Message -----
From: "Alok" <alokdube@xxxxxxxxxx>
To: "Ethereal development" <ethereal-dev@xxxxxxxxxxxx>
Sent: Sunday, August 07, 2005 8:18 PM
Subject: Re: [Ethereal-dev] Detecting TCP Timestamp PAWS DoS from tracefile


Throw hardware and money, anything can be done, and messed up (like the TCP
SYN checksum working fine but the rest not working fine, even if they are
just ACKs and nothing more in the payload...)... Why are you trying to
figure out some way to detect a *possible case* of a buggy implementation?
There could be 1000s more.