in reply to Re: Insert the 4th TCP packet after TCP three-times handshakes
in thread Insert the 4th TCP packet after TCP three-times handshakes

The code is ejecting packets into its own session (see fork + connect). As it stands right now this can't be used for "Evil".

There are legit uses for injecting packets like this. I do something similar for testing IP stacks. Though, I handle the full session by hand.

Re^3: Insert the 4th TCP packet after TCP three-times handshakes
by shanleiguang (Initiate) on May 03, 2005 at 14:57 UTC
    If the initial sequence number of the other side could be predicted, blind TCP initial and inject (use a source IP address that is not alive) may be possible.
      There are lots of things good & bad that could be done with injecting of packets. The code does a connect, and then sends a packet by hand on its own connection. Sure, if the code looked for a handshake without creating one, then I could see claiming this code was evil, but that's not what this code does.
      If the initial sequence number of the other side could be predicted, blind TCP initial and inject (use a source IP address that is not alive) may be possible.
      See, now you've gone and set off my spidey sense again. Here you are, supporting my argument that you're up to no good with this code.

      If there's a legitimate use for this code, would you please explain it?

      -- Randal L. Schwartz, Perl hacker
      Be sure to read my standard disclaimer if this is a reply.

      This script may be useful to learn TCP/IP, so I post here.