Bugtraq mailing list archives
Re: ICMP spoofed source tunneling
From: fenfire () abwesend de
Date: Wed, 22 Sep 2004 12:33:50 +0200
On Tue, Sep 21, 2004 at 08:55:04PM +0400, Max Tulyev wrote:
Let's imagine in Net a hacker having his source server(S), destination server(D), and a ip-capable device - victim(V). S sends to V spoofed ICMP echo request packet containing IP source address of D, and the data in Payload. When V receiving that packet, it sends ICMP echo-reply packet to D, AND FORWARDS TO D ALL DATA IN PAYLOAD!
This could also be used by peer-to-peer networks to achieve sender anonymity. (Of course you could also directly send UDP packets with forged source addresses...)
Current thread:
- ICMP spoofed source tunneling Max Tulyev (Sep 21)
- Re: ICMP spoofed source tunneling fenfire (Sep 22)
- Re: ICMP spoofed source tunneling Tim Newsham (Sep 22)
- Re: ICMP spoofed source tunneling fenfire (Sep 23)
- Re: ICMP spoofed source tunneling Calum (Sep 28)
- Re: ICMP spoofed source tunneling Tim Newsham (Sep 22)
- Re: ICMP spoofed source tunneling sin (Sep 23)
- <Possible follow-ups>
- Re: ICMP spoofed source tunneling Dave Paris (Sep 23)
- Re: ICMP spoofed source tunneling raiblehugo (Sep 25)
- Re: ICMP spoofed source tunneling fenfire (Sep 22)