Security Basics mailing list archives
Re: Problems with Fragroute-1.2
From: Dug Song <dugsong () monkey org>
Date: Mon, 4 Apr 2005 17:32:38 -0400
On Mon, Apr 04, 2005 at 10:57:20PM +0530, Arun Vishwanathan wrote:
Summary of my observations: --------------------------- 1. Fragroute works smoothly for both ICMP and TCP when the outbound interface is eth0. 2. When the destination is 20.0.0.2 i.e. network connected to eth1 then only ICMP packets are fragmented while the TCP session does not go through. 3. Strangely the TCP client stack sends a RST on receipt of a SYN-ACK from the server. Can anyone please tell me what is happening here? Am I doing something wrong? How should I rectify this? I don't understand why the client stack which initiated the connection is sending the RST !!! ??
can you show me what your routing table looks like before you run fragroute, and while it's running? the old fragroute pulled some stupid routing tricks to intercept the outbound traffic on loopback, which might be causing you problems (it was the only portable way to do it at the time). the new fragroute doesn't do this (it uses the native tunnel driver now in Linux), but you'll need Python and a few other modules if you want to try it: http://monkey.org/~dugsong/tmp/fragroute-2.0b1.tar.gz -d. --- http://monkey.org/~dugsong/ --------------------------------------------------------------------------- Earn your MS in Information Security ONLINE Organizations worldwide are in need of highly qualified information security professionals. Norwich University is fulfilling this demand with its MS in Information Security offered online. Recognized by the NSA as an academically excellent program, NU offers you the opportunity to earn your degree without disrupting your home or work life. http://www.msia.norwich.edu/secfocus_en ----------------------------------------------------------------------------
Current thread:
- Problems with Fragroute-1.2 Arun Vishwanathan (Apr 04)
- Re: Problems with Fragroute-1.2 Dug Song (Apr 04)