Full Disclosure mailing list archives
Re: Idle scan rediscovered!!!
From: rembrandt () jpberlin de
Date: Fri, 5 May 2006 23:23:55 +0200 (CEST)
> On Friday 05 May 2006 at 16:11 -0400, Tim wrote:
>
> Gives back exploitable incremental IPID on a Linux 2.6.15 box.
>
> Are you sure? Just because the sequences are predictable or even incremental for your source host doesn't mean it is exploitable. This is old information, but I would assume it is still the case (until someone presents hard evidence otherwise):
>
> I'm aware of this fact. As I figure all my tests were done from the same box, I'll still have to check it out. Let me test it more intensively after this week-end and I'll let you know.

AND FTP-Bounce is dead too.. right?
Wrong...

Your assumption that the idlescan is dead was wrong.. no investigation needed....
You wanna (or won't..) check different distributions (Loonix), BSDs and other OSs and you'll find a lot of neat working OSs (in fact Stacks).

"So I decided to go public" -> wow....

Some people even thought smurf was dead but MS 2003 Svr proved us all wrong.
(It was smurf..or? does not matter anyway..)

;)

Rembrandt

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/