|
-
January 24th, 2004, 09:58 PM
#11
Member
because it's a lot of information, and i don't want to waste my time searching my computer for links and stuff if people arn't intrested in seeing it.
also, there is the legiticmy...if they are going to use this for education vs illegal...
-
January 24th, 2004, 10:07 PM
#12
Originally posted here by Waveshifter
Thanks ! ... But i heard that OSs like windows dont allow such low level stuffs.. is it true ??
while older versions of windows did not natively allow ip spoffing, with the introduction of raw sockets it is now quit possible
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
January 24th, 2004, 10:19 PM
#13
[edit] i don't want to waste my time searching my computer for links and stuff [/quote]
Well, I wouldn't want you to waste your time.... but I would point out that there is a lot of information on AO that can be used for illegal purposes... that's the point. If we don't share that information, then we don't learn. (have you checked out the apps section? I think it still works)
If people want to use it for illegal purposes, how are you going to stop it? There are hundreds of other sites where they can get the same information.
NullDevice has a nice tutorial on Dos: http://www.antionline.com/showthread...highlight=Ddos
And thanks to Dark Pheon1x, the following article: http://www.theregister.co.uk/content/56/31801.html
Here we have an entire thread for man-in-the -middle attacks : http://www.antionline.com/showthread...Middle+Attacks
And here is a site that covers alot of what you listed above: http://www.liquidcodedesign.com/main.asp?action=fw7
And here is a nice thesis by Johnathan Katz explaining how to prevent man-in-the-middle attacks. http://www.cs.ucla.edu/~rafail/STUDENTS/katz-thesis.pdf You might not want to read it though, it tells how to do it... shhhhhh!! 
I could go on, but I won't. If you are just here to leach off others, that's fine with me ( I don't know what else to call it if you don't want to share your knowledge). But the underlying concept of AO (if I may be so bold) is to share information with each other in order that we all learn together.
-
January 25th, 2004, 12:23 AM
#14
Senior Member
The attack that Kevin Mitnick used that you are referring was the SYN/ACK in which the attacker floods a trusted host with SYN (syncronise sequence numbers) packet causing it to ignore the SYN/ACK response. So now the attack can send his own SYN packet to the target. Then when SYN/ACK packets are sent to the attacker and he replies correctly with the correct sequence numbers, The attacker now has a one-way connection to the host which appears to come from the trusted host.
The attacker can now pipe commands (any at all) to setup trojans/backdoors and so on.
When the attacker is finish he send a RST(reset) packet to the target, the connection is reset and nobody know any different.
p.s. It is hard to detect these attacks (but not impossible)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote