Bugtraq mailing list archives

Re: Hijacking tool

From: Quentin.Fennessy () SEMATECH Org (Quentin Fennessy)
Date: Tue, 24 Jan 1995 12:23:22 -0600

 >
 >If you're hijacking *connections* isn't it much easier to just steal
 >the filehandles in the kernel?

Not if you're on entirely another host.

That's the point of RTM-Snr's attack, as expanded upon by
Bellovin. Guessing sequence numbers and flooding the remote machine

      - alec


Alec-
    I think you may be confusing two techniques here - both of which
have just become more 'popular.'  I believe the hijacking technique
is to use TAP, a modloadable SunOS driver to read and possibly write
to an established pty.

The TCP sequence number is what RTM and SMB wrote about.  This is
different - you don't need root anywhere to to that.

Quentin

Current thread:

Re: Hijacking tool, (continued)
- - - Re: Hijacking tool John Evans (Jan 24)
- Re: Hijacking tool jim () Tadpole COM (Jan 23)
  - Re: Hijacking tool Darren Reed (Jan 23)
  - CIAC Advisory F-08: IP Address Spoofing and Hijacked Session Attacks (fwd) Mark Crother (Jan 23)
- Re: Hijacking tool Patrick Horgan (Jan 23)
- Re: Hijacking tool der Mouse (Jan 24)
  - Anti Hijacking tools Pete Shipley (Jan 27)
    - Re: Anti Hijacking tools jsz (Jan 28)
    - Re: Anti Hijacking tools Karl Strickland (Jan 28)
    - Re: Anti Hijacking tools Darren Reed (Jan 28)
- Re: Hijacking tool Quentin Fennessy (Jan 24)
  - Re: Hijacking tool Timothy Newsham (Jan 25)
- Re: Hijacking tool Eric Conrad (Jan 24)
  - Re: Hijacking tool Harold van Aalderen (Jan 25)
  - Re: Hijacking tool Aleph One (Jan 25)
- Re: Hijacking tool Quentin Fennessy (Jan 25)
  - Re: Hijacking tool Jonathan M. Bresler (Jan 26)