North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Land Protection for Cisco
Paul D. Robertson <[email protected]> writes: > Has anyone tried [the "land" attack] sourced and destined for > different interfaces on the same box? My test gear is all tied > up right now, and I'd rather not test on a production box. It is highly unlikely that this would work. The essence of the attack is creating a TCP connection in which (src-ip, src-port) is equal to (dst-ip, dst-port), so that the box's responses on that TCP circuit reappear as input from the "peer". This won't happen if src-ip != dst-ip, even if both ip's are associated with the same box. Jim Shankland Flying Fox Computer Systems, Inc.
|