Bugtraq mailing list archives

Re: Analysis of "stacheldraht"

From: jpr5 () DARKRIDGE COM (Jordan Ritter)
Date: Fri, 31 Dec 1999 14:34:52 -0500


# Programs like "ngrep" do not process ICMP packets, so you will not as
# easily (at this point in time) be able to watch for strings in the data
# portion of the ICMP packets (except using the patches to tcpshow from
# Appendix C and patches to sniffit provided in the analysis of TFN).

The latest version of ngrep (1.35) does in fact match ICMP, and has been out
for some time now.

--jordan

Current thread:

Re: majordomo local exploit Henrik Edlund (Dec 29)
- Re: majordomo local exploit Jefferson Ogata (Dec 29)
- AltaVista followup and monitor script Edward Glowacki (Dec 29)
- Re: majordomo local exploit Chip Salzenberg (Dec 29)
- UnixWare rtpm exploit + discussion Brock Tellier (Dec 30)
- Local / Remote GET Buffer Overflow Vulnerability in CamShot WebCam HTTP Server v2.5 for Win9x/NT Ussr Labs (Dec 30)
- PC-Cillin 6.x DoS Attack Daniel P. Stasinski (Dec 30)
- Analysis of "stacheldraht" Dave Dittrich (Dec 30)
  - Re: Analysis of "stacheldraht" Jordan Ritter (Dec 31)
    - Re: Analysis of "stacheldraht" Dave Dittrich (Dec 31)

Bugtraq mailing list archives

Re: Analysis of &quot;stacheldraht&quot;

Current thread:

Re: Analysis of "stacheldraht"