URGENT!! Changes in IPv4 will affect hackers!
Results 1 to 9 of 9

Thread: URGENT!! Changes in IPv4 will affect hackers!

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324

    URGENT!! Changes in IPv4 will affect hackers!

    If you don't make these changes, your packets will not go anywhere. You need an evil bit in your packets. All you evil hackers out there must do the following (as sourced from RFC Editor):
    Firewalls, packet filters, intrusion detection systems, and the like
    often have difficulty distinguishing between packets that have
    malicious intent and those that are merely unusual. We define a
    security flag in the IPv4 header as a means of distinguishing the two
    cases.

    <snip>

    Firewalls [CBR03], packet filters, intrusion detection systems, and
    the like often have difficulty distinguishing between packets that
    have malicious intent and those that are merely unusual. The problem
    is that making such determinations is hard. To solve this problem,
    we define a security flag, known as the "evil" bit, in the IPv4
    [RFC791] header. Benign packets have this bit set to 0; those that
    are used for an attack will have the bit set to 1.

    <snip>

    The bit field is laid out as follows:

    0
    +-+
    |E|
    +-+

    Currently-assigned values are defined as follows:

    0x0 If the bit is set to 0, the packet has no evil intent. Hosts,
    network elements, etc., SHOULD assume that the packet is
    harmless, and SHOULD NOT take any defensive measures. (We note
    that this part of the spec is already implemented by many common
    desktop operating systems.)

    0x1 If the bit is set to 1, the packet has evil intent. Secure
    systems SHOULD try to defend themselves against such packets.
    Insecure systems MAY chose to crash, be penetrated, etc.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    MsM: Funny....... You have a lot of tim eon your hands don't you......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    It's a legit RFC! What are you talking about? Go to RFC-editor.org and search for RFC 3514. It's really there.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by MsMittens
    It's a legit RFC! What are you talking about? Go to RFC-editor.org and search for RFC 3514. It's really there.
    Hehehe. While you're there also check-out RFC1149.

  5. #5
    Banned
    Join Date
    Dec 2002
    Posts
    394
    RFC's internet greatest learning tool. Thx Ms. Kitten and SirDice

    Lol, is it really evil. Evil bit stop script kiddies! That more like it.

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    LOL Ms..... You can write an RFC for anything..... it's a Request for Comment, (though I'm sure you are well aware of that...<s>)...... Doesn't mean it is an accepted practice.......

    Good one though.....

    Sir Dice - I work for a non-profit - we use the principles of RFC1149 for some of our remote sites if point to point T1 is too expensive. We found that wrens and finches could only carry one packet at a time unless they were large packets which we would then have to fragment making it rather inefficient. We upgraded to pigeons and found that we could actually send multiple large packets on a single bird without the need for fragmentaion. In trying to advance that theory we rented a couple of Condors thinking that we could manage near DSL speeds but the fines by the FAA caused by the birds entering International Air Corridors made that venture not cost effective, (luckily we were only renting the Condors on a day to day basis so we did not incur penalties due to early return and saved enough money for 3 more pigeons).

    I'm guessing right now but I figure we are getting ISDN speeds for the price of a few ounces of seed per day..... not a bad deal really.......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  7. #7
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    LOL Tiger Shark
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  8. #8
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Sir Dice: Did I forget to mention the bird crap can be a bit of a problem if you let them near your keyboard or mouse pad......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  9. #9
    Senior Member
    Join Date
    Jan 2002
    Posts
    244

    Re: URGENT!! Changes in IPv4 will affect hackers!

    Good post MsM!

    That s why i love NAT.

    You can also diagnose your software firewall when you use NAT .

    (false positives)
    i m gone,thx everyone for so much fun and good info.
    cheers and good bye

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •