Collaborate Disseminate
I am trying to create a TCP Reset Attack on 3 docker containers: Attacker, Host01, Host02.
My goal is to attack the TCP connection between Host01 and Host02 and the end result would be the TCP connection breaks when executing the TCP reset… Continue reading TCP Reset attack: unable to break the TCP connection [closed]
Suppose an attacker collects a large number of initial sequence numbers sent by the server. Can the
attacker cause the server to create many fully open connections by sending ACKs with those initial
sequence numbers? Why?
Continue reading Leaving half open or full open connection having SYN cookie
Suppose an attacker knows that a target host uses SYN cookies. Can the attacker create half-open or fully open connections by simply sending an ACK packet to the target? Why or why not?
Continue reading Creating half open or full open connection in presence of SYN cookie
If there are 3 machines A, B and C and A communicate directly with B (A -> B) but B is executing port fordwarding with the next command
socat TCP4-LISTEN:443,fork TCP4:<ip machine C>:443
So in fact the communication is A -> B … Continue reading Detect port forwarding
I have some related questions:
Is it possible to spoof the source address in the TCP/IP header when using HTTPS?
If possible, is there any way to detect source address change? I think the checksum is not a good idea because if you can cha… Continue reading Spoofing TCP/IP headers and uniqueness of the host name
I’m trying to create a SCP to restrict member account users to create/modify security group(s) that have inbound rule for SSH/RDP with Source set as 0.0.0.0 or ::/0.
Basically, I want users to SSH into EC2 instances only using bastion host… Continue reading SCP to create security groups in member AWS account
I started noticing this behaviour for more than a month. Whenever I connect my laptop to the WiFi router there are lots of RST and DUP ACKs up to the same TCP sequence, as given in the example below, where DUP ACK reached the sequence numb… Continue reading Repeated DUP ACK and RST to same TCP SEQ and ACK
I have no access to the router nor do I have any administrative access to this local network. But every 5 minutes the router attempts to connect to my PC through port 80/tcp, and it attempts exactly 4 times each time (and tries again 5 min… Continue reading The router (that my PC is connected to) is continuously attempting to connect through TCP80. What would be the reasons?
I’m deeper into different VPN technologies for university and wondering, how Wireguard is handling the IP-packets (header and payload) compared to IPsec’s tunnel and transport mode. May someone explain that to me?
Continue reading Comparing Wireguard to IPsec: Is Wireguard working like transport- or tunnel-mode?
Are there any legitimate circumstances under which TCP SYN+ACK packets would arrive at a Linux firewall’s INPUT chain, if it did not leave via the OUTPUT chain?
That is, am I correct in assuming that NATed or FORWARDed (routed) traffic c… Continue reading TCP SYN/ACK on INPUT vs FORWARD