Greetings -
I'm looking into the work done by Michal Zalewski(1) and Saqib Khan(2). Interesting ideas and I'm wondering if anyone here has looked into it. I've spent time in the land of Google and can't find much else on the subject.
Khan talked about using ICMP in his talk but I seriously doubt that approach would be practical in the wild due to NACHI-related firewall rules. Sure, I could send 10K in a crafted ping packet but the target firewall is gonna throw a fit. I'm thinking about using DNS queries. Obviously 10K isn't my target size but 64 bytes isn't either. ;)
I just know one of you is going to Google this up and find 5000 hits and I'm off to Fucktard Hall...ah well...if it has to be, it has to be.
-Warwick
1) http://lcamtuf.coredump.cx/juggling_with_packets.txt
2) http://www.defcon.org/html/defcon-10...html#saqibkhan