[Full-disclosure] TCP/IP vulnerability

Mohit Kohli mkohli at TechMahindra.com
Wed May 23 16:27:33 BST 2007 

Ivan

Thanks for the reply but have some concerns...
1)Tearn drop and land attack work on win 95 server,how to exploits this vulnerability or its variant on windows 2000 or linux.

Do we have any other vulnerability in TCP/IP apart of listed below...


Cheers,

Mohit 
-----Original Message-----
From: Ivan . [mailto:ivanhec at gmail.com]
Sent: Wed 5/23/2007 5:34 AM
To: Mohit Kohli
Cc: seclists at syneticon.de; full-disclosure at lists.grok.org.uk; pen-test at securityfocus.com; vuln-dev at securityfocus.com
Subject: Re: [Full-disclosure] TCP/IP vulnerability
 
dude, check out Fernando Gont site

http://www.gont.com.ar/tools/icmp-attacks/index.html

cheers
Ivan

On 5/22/07, Mohit Kohli <mkohli at techmahindra.com> wrote:
>
>
>
>
> Hi Guys,
>
>
>
> I got an assignment to write a white paper on TCP/IP and to show demo on how to exploits the same.
>
>
>
> I have listed some of the vulnerability, but need some good tools (preferably windows based) to exploit the vulnerability and to perform further analysis.
>
>
>
> overlapping IP fragments
> Tear Drop
> Land
> SYN Attack
> Ping Flooding
> IP Spoofing
>
> SYN Guessing
>
> Smurf Attack
>
> Source Routing
> TCP Hijacking
>
> Man-in-the-Middle Attack
>
>
>
> I will appreciate; if you could provide me some inputs with regards to tools to exploits the vulnerability.
>
>
>
> Cheers
>
>
>
> Mohit
>
>
>
>
>
>
> ============================================================================================================================
>
>  Disclaimer:
>
>  This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review at http://www.techmahindra.com/Disclaimer.html externally and http://tim.techmahindra.com/Disclaimer.html internally within Tech Mahindra.
>
>  ============================================================================================================================
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



============================================================================================================================
 
Disclaimer:

This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review at <a href="http://www.techmahindra.com/Disclaimer.html">http://www.techmahindra.com/Disclaimer.html</a> externally and <a href="http://tim.techmahindra.com/Disclaimer.html">http://tim.techmahindra.com/Disclaimer.html</a> internally within Tech Mahindra.

============================================================================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070523/f228005e/attachment.html

Full-Disclosure is hosted and sponsored by Secunia.