Bugtraq mailing list archives
Re: Analysis of "stacheldraht"
From: jpr5 () DARKRIDGE COM (Jordan Ritter)
Date: Fri, 31 Dec 1999 14:34:52 -0500
# Programs like "ngrep" do not process ICMP packets, so you will not as # easily (at this point in time) be able to watch for strings in the data # portion of the ICMP packets (except using the patches to tcpshow from # Appendix C and patches to sniffit provided in the analysis of TFN). The latest version of ngrep (1.35) does in fact match ICMP, and has been out for some time now. --jordan
Current thread:
- Re: majordomo local exploit Henrik Edlund (Dec 29)
- Re: majordomo local exploit Jefferson Ogata (Dec 29)
- AltaVista followup and monitor script Edward Glowacki (Dec 29)
- Re: majordomo local exploit Chip Salzenberg (Dec 29)
- UnixWare rtpm exploit + discussion Brock Tellier (Dec 30)
- Local / Remote GET Buffer Overflow Vulnerability in CamShot WebCam HTTP Server v2.5 for Win9x/NT Ussr Labs (Dec 30)
- PC-Cillin 6.x DoS Attack Daniel P. Stasinski (Dec 30)
- Analysis of "stacheldraht" Dave Dittrich (Dec 30)
- Re: Analysis of "stacheldraht" Jordan Ritter (Dec 31)
- Re: Analysis of "stacheldraht" Dave Dittrich (Dec 31)
- Re: Analysis of "stacheldraht" Jordan Ritter (Dec 31)