TCP – Page 31 – WindowsTechs.com

How to set reverse tcp connection when doing pentesting in VMs?

Posted on August 12, 2016 by dotslash

msfconsole is a cool opensource pentesting tool from metasploit.

Once the exploit is valid, we can set payload to the victim. For persistent connection, we may need meterpreter.

But we often test security in Virtual Machines running ms… Continue reading How to set reverse tcp connection when doing pentesting in VMs?→

Linux bug leaves USA Today, other top sites vulnerable to serious hijacking attacks

Posted on August 10, 2016 by Dan Goodin

“Off-path” attack means hackers can be anywhere with no man-in-the-middle needed. Continue reading Linux bug leaves USA Today, other top sites vulnerable to serious hijacking attacks→

Serious TCP Bug in Linux Systems Allows Traffic Hijacking

Posted on August 10, 2016 by Michael Mimoso

A serious vulnerability in the TCP implementation in Linux systems can be used identify hosts communicating over the protocol and attack that traffic. Continue reading Serious TCP Bug in Linux Systems Allows Traffic Hijacking→

How is this "captive portal" intercepting and manipulating my HTTP requests?

Posted on August 8, 2016 by the_velour_fog

I sometimes use a free Wifi service to get access to the internet.
Like most/all providers of services like this, this service employs a captive portal. So if you try to make a HTTP request (request a web page) in your browse… Continue reading How is this "captive portal" intercepting and manipulating my HTTP requests?→

Is it possible to send HTTP packet via spoofed IP?

Posted on May 25, 2016 by user111609

I have the following PHP code that writes accepted to a file named text.txt only if the IP is equal to 127.0.0.1 (loopback). If the IP doesn’t match it writes denied.

<?php
$file = fopen(‘text.txt’ , ‘a’);
if($_SERVER[‘RE… Continue reading Is it possible to send HTTP packet via spoofed IP?→

OS fingerprinting via TCP

Posted on April 17, 2016 by Steve

I have searched online about this topic and the only information I got is that TCP SYN/ACK can be used to know the type of the target OS. If that is true, I don’t understand how this occurs? Does TCP handshaking lead to OS fi… Continue reading OS fingerprinting via TCP→

Can a TCP connection be terminated by an attacker if SSL/TLS has been used to protect data in the TCP segment?

Posted on April 12, 2016 by ellefc

I understand that SSL/TLS is built on top of TCP. That is after a TCP connection is established, an SSL handshake can be started. When it is completed, all communication will be encrypted and authenticated. To close the conne… Continue reading Can a TCP connection be terminated by an attacker if SSL/TLS has been used to protect data in the TCP segment?→

Beginner > Medium > Advanced Books/Guides/Tutorials on TCP/IP [closed]

Posted on January 31, 2016 by pee2pee

I am a long time web developer looking to get into infosec. I was hoping to get guidance on material from a beginner’s stance on TCP/IP and hopefully “networks”.

I realise the massive generalisation I’m making but being help… Continue reading Beginner > Medium > Advanced Books/Guides/Tutorials on TCP/IP [closed]→

Pros and cons of disabling TCP timestamps

Posted on January 26, 2016 by Parthian Shot

So, lynis informs me that I should unset net.ipv4.tcp_timestamps.
I know that’s a bad thing because an attacker could figure out which updates that require restarting the machine I haven’t applied, or they could use it to figure out my upd… Continue reading Pros and cons of disabling TCP timestamps→

Add SSL on top of existing TCP connection

Posted on November 13, 2015 by user91560

This may sound as basic question for some but I have never done such thing.

Imagine I basically have simple TCP client implemented on C# (e.g. TCPClient class) and simple TCP server implemented using C++ (e.g. using sockets)… Continue reading Add SSL on top of existing TCP connection→