Re: Dropping sockets to a particular port
From: MARLON BORBA (MBORBA_at_TRF3.GOV.BR)
Date: 05/29/03
- Previous message: Miller, Dave ( I.S.): "sysback"
- Maybe in reply to: Raj Atwal: "Dropping sockets to a particular port"
- Next in thread: MARLON BORBA: "Re: Dropping sockets to a particular port"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 29 May 2003 18:40:44 -0300 To: aix-l@Princeton.EDU
there is a way but requires some sockets programming knowledge. it's a technique used by hackers to 'hijack' a connection. suppose you know the origin and destination hosts IPs. then you would in order to 'hijack' the connection (a) fool the destination host's TCP/IP stack in such way that it 'thinks' your current host are the origin (e.g. using ARP spoofing), (b) 'sniff' the TCP/IP connection in order to 'guesstimate' the sequence number of the next packet to be sent to the destination and (c) using send a RST (or FIN, don't remember now) packet to end the connection. there are several C programs in the web to do that, or you could write your own.
best regards,
marlon.
/*
Marlon Borba
Divisao de Suporte Tecnico
TRF 3a. Regiao
(11) 3311-4683 e 9692-8357
mborba@trf3.gov.br - marlonborba@acm.org
-------
"We reject kings, presidents, and voting. We
believe in rough consensus and a
running code."
--Dave Clark, pioneiro da Internet
*/
>>> atwalrs@YAHOO.COM 29/05/03 15:28 >>>
That would kill my notes server unfortunately. All the sockets are controlled by one PID and that PID is the notes server, so if I killed that PID I would kill my notes server, which is what I am trying to avoid.
- Previous message: Miller, Dave ( I.S.): "sysback"
- Maybe in reply to: Raj Atwal: "Dropping sockets to a particular port"
- Next in thread: MARLON BORBA: "Re: Dropping sockets to a particular port"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
