Collaborate Disseminate
Suppose an attacker knows that a target host uses SYN cookies. Can the attacker create half-open or fully open connections by simply sending an ACK packet to the target? Why or why not?
Continue reading Creating half open or full open connection in presence of SYN cookie
If there are 3 machines A, B and C and A communicate directly with B (A -> B) but B is executing port fordwarding with the next command
socat TCP4-LISTEN:443,fork TCP4:<ip machine C>:443
So in fact the communication is A -> B … Continue reading Detect port forwarding
I have some related questions:
Is it possible to spoof the source address in the TCP/IP header when using HTTPS?
If possible, is there any way to detect source address change? I think the checksum is not a good idea because if you can cha… Continue reading Spoofing TCP/IP headers and uniqueness of the host name
I’m trying to create a SCP to restrict member account users to create/modify security group(s) that have inbound rule for SSH/RDP with Source set as 0.0.0.0 or ::/0.
Basically, I want users to SSH into EC2 instances only using bastion host… Continue reading SCP to create security groups in member AWS account
I started noticing this behaviour for more than a month. Whenever I connect my laptop to the WiFi router there are lots of RST and DUP ACKs up to the same TCP sequence, as given in the example below, where DUP ACK reached the sequence numb… Continue reading Repeated DUP ACK and RST to same TCP SEQ and ACK
I have no access to the router nor do I have any administrative access to this local network. But every 5 minutes the router attempts to connect to my PC through port 80/tcp, and it attempts exactly 4 times each time (and tries again 5 min… Continue reading The router (that my PC is connected to) is continuously attempting to connect through TCP80. What would be the reasons?
I’m deeper into different VPN technologies for university and wondering, how Wireguard is handling the IP-packets (header and payload) compared to IPsec’s tunnel and transport mode. May someone explain that to me?
Continue reading Comparing Wireguard to IPsec: Is Wireguard working like transport- or tunnel-mode?
Are there any legitimate circumstances under which TCP SYN+ACK packets would arrive at a Linux firewall’s INPUT chain, if it did not leave via the OUTPUT chain?
That is, am I correct in assuming that NATed or FORWARDed (routed) traffic c… Continue reading TCP SYN/ACK on INPUT vs FORWARD
I have a host server that the open ports are :
PORT STATE SERVICE
80/udp open|filtered http
130/udp open|filtered cisco-fna
255/udp open|filtered unknown
8080/udp open|filtered http-alt
PORT STATE SERVICE
22/tcp open ss… Continue reading Create a bridge UDP to TCP to use some dir listing [closed]
I have developed a multithreaded server/client python application, my next goal is to encrypt the traffic between both parties but I can’t tell where should I invest all my research energy in
Using SSL/TLS has a warning that is really not … Continue reading How to properly secure a tcp server/client application