Vulnerability Development mailing list archives
RE: Retransmissions while blocking TCP Stack's RST?
From: Cynic <cynic () progrock com>
Date: Thu, 31 Oct 2002 01:08:48 -0800 (PST)
(Attached below is a post that didn't make it to the list) Thanks everyone for the input. Sorry for my bad phrasing, I did intend to replay a TCP session without involving my TCP stack. Till now, I was using tcpreplay and iptables for the job, however this still leaves the ISN problem. Does anyone know perhaps of a commercial tool that automatically (userland..) calculates the ISN & Checksums? I believe I read somewhere that Hailstorm might do the job. Any input appreciated, thanks for all the help. Cynic. --- "David Fried" <dfried () ll mit edu> wrote:
Cynic, See if this is what you want - Netpoke is a utility used to replay packets to a live network that were previously captured with the tcpdump program. It attempts to match the timing of the original traffic, optionally speeding it up or slowing it down, and can also modify the network hardware address in the replayed traffic. Netpoke supports multiple network interfaces allowing replayed packets to by injected into different points on a network based on the source address. http://www.ll.mit.edu/IST/ideval/tools/tools_index.html Dave Fried -----Original Message----- From: Cynic [mailto:cynic () progrock com] Sent: Wednesday, October 30, 2002 9:34 AM To: vuln-dev () securityfocus com Subject: Retransmissions while blocking TCP Stack's RST? Hi, I am looking for an application for *NIX, that can replay captured packets, while dropping, the TCP Stacks responses. Let's assume I replay a SYN, and receive a SYN-ACK, my host's TCP Stack immediatley replies with a RST since it was not aware a connection was to be opened. So I am looking for some low-level retransmission application for *nix such as Network monitor for NT. (I believe it does this.) Thanks a lot! Cynic. _____________________________________________________________ For the best in Progressive Rock on the internet, check out PROGROCK.COM! http://www.progrock.com _____________________________________________________________ Select your own custom email address for FREE! Get you () yourchoice com w/No Ads, 6MB, POP & more! http://www.everyone.net/selectmail?campaign=tag
_____________________________________________________________ For the best in Progressive Rock on the internet, check out PROGROCK.COM! http://www.progrock.com _____________________________________________________________ Select your own custom email address for FREE! Get you () yourchoice com w/No Ads, 6MB, POP & more! http://www.everyone.net/selectmail?campaign=tag
Current thread:
- Retransmissions while blocking TCP Stack's RST? Cynic (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Brad Arlt (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Jared Stanbrough (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Bryan Burns (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Dan Kaminsky (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Dan Hanson (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? MA (Oct 31)
- Re: Retransmissions while blocking TCP Stack's RST? Jared Stanbrough (Oct 30)
- Re: Retransmissions while blocking TCP Stack's RST? Filipe Almeida (Oct 30)
- <Possible follow-ups>
- RE: Retransmissions while blocking TCP Stack's RST? Cynic (Oct 31)
- Re: Retransmissions while blocking TCP Stack's RST? Cynic (Oct 31)
- Re: Retransmissions while blocking TCP Stack's RST? Brad Arlt (Oct 30)