Bugtraq mailing list archives
Re: Hijacking tool
From: Quentin.Fennessy () SEMATECH Org (Quentin Fennessy)
Date: Tue, 24 Jan 1995 12:23:22 -0600
> >If you're hijacking *connections* isn't it much easier to just steal >the filehandles in the kernel? Not if you're on entirely another host. That's the point of RTM-Snr's attack, as expanded upon by Bellovin. Guessing sequence numbers and flooding the remote machine - alec
Alec- I think you may be confusing two techniques here - both of which have just become more 'popular.' I believe the hijacking technique is to use TAP, a modloadable SunOS driver to read and possibly write to an established pty. The TCP sequence number is what RTM and SMB wrote about. This is different - you don't need root anywhere to to that. Quentin
Current thread:
- Re: Hijacking tool, (continued)
- Re: Hijacking tool John Evans (Jan 24)
- Re: Hijacking tool jim () Tadpole COM (Jan 23)
- Re: Hijacking tool Darren Reed (Jan 23)
- CIAC Advisory F-08: IP Address Spoofing and Hijacked Session Attacks (fwd) Mark Crother (Jan 23)
- Re: Hijacking tool Patrick Horgan (Jan 23)
- Re: Hijacking tool der Mouse (Jan 24)
- Anti Hijacking tools Pete Shipley (Jan 27)
- Re: Anti Hijacking tools jsz (Jan 28)
- Re: Anti Hijacking tools Karl Strickland (Jan 28)
- Re: Anti Hijacking tools Darren Reed (Jan 28)
- Anti Hijacking tools Pete Shipley (Jan 27)
- Re: Hijacking tool Quentin Fennessy (Jan 24)
- Re: Hijacking tool Timothy Newsham (Jan 25)
- Re: Hijacking tool Eric Conrad (Jan 24)
- Re: Hijacking tool Harold van Aalderen (Jan 25)
- Re: Hijacking tool Aleph One (Jan 25)
- Re: Hijacking tool Quentin Fennessy (Jan 25)
- Re: Hijacking tool Jonathan M. Bresler (Jan 26)