I was reading this presentation, which was at Defcon 10 (I didn't go), and I have a question because I think I am missing something but am not sure what:
How does computer B know to ACK A and not any other computer on the network? That is taking into consideration the fact that the initial packet from A to victim computer V is a "spoofed echo request (with B's Src address)"...
thus the packet doesn't have the Src address as being A...
Will the address that B will ACK back to in this case be part of the key? And if so, doesn't this suppose you have modified the behaviour of computer B to respond differently to ICMP requests to accommodate the "fact that the address to ACK back to will be in the data section"?
Doesn't this in sequence make the reaction predictable, thus detectable, thus not stealthy anymore?
Regards,
The paper is here by the way:
http://www.defcon.org/html/links/def...-archives.html
under Defcon 10, privacy/anonymity