Re^2: Insert the 4th TCP packet after TCP three-times handshakes

People seem to be overreacting here. You admittedly took only a brief look at the code, saw the use of raw IP, and assumed the worst. (And even made a consideration based on that). If raw IP is so terrible, why not campaign for the module to be removed from CPAN? Lots of things are potentially usable for "bad stuff", but aren't used that way. If we're not going to trust our fellow man to some degree, we might as well all stay home in bed all day.

Comment on Re^2: Insert the 4th TCP packet after TCP three-times handshakes

Replies are listed 'Best First'.
Re^3: Insert the 4th TCP packet after TCP three-times handshakes by merlyn (Sage) on May 04, 2005 at 11:17 UTC
You presume things that are not so. There's a lot more that went on in my head than your simplified model. Keep in mind that I've made it both a personal and professional interest over the years to understand ways to subvert authentication schemes and bypass firewalls and generally reek havoc. And also keep in mind that my default setting for any new encounter is "trust". I did in fact scan the code about half a dozen times, looking carefully at the design of the packets. I still don't completely understand what it starts to do, but there's obviously a lot of work going on, and that means that there's a payoff for the user. So, this thing smells. My spidey sense is not easily activated, and yet it was. Also, my initial observation was also supported later in the thread. This person is potentially up to no good, and has not yet shown anything to the contrary. This also contributes to a validation of my initial observations. I'm not as prejudiced as you think I might be. I'm wondering why you're so prejudiced about me. {sigh} -- Randal L. Schwartz, Perl hacker Be sure to read my standard disclaimer if this is a reply.	[reply]

Replies are listed 'Best First'.

Re^3: Insert the 4th TCP packet after TCP three-times handshakes
by merlyn (Sage) on May 04, 2005 at 11:17 UTC

Keep in mind that I've made it both a personal and professional interest over the years to understand ways to subvert authentication schemes and bypass firewalls and generally reek havoc.

And also keep in mind that my default setting for any new encounter is "trust".

I did in fact scan the code about half a dozen times, looking carefully at the design of the packets. I still don't completely understand what it starts to do, but there's obviously a lot of work going on, and that means that there's a payoff for the user.

So, this thing smells. My spidey sense is not easily activated, and yet it was.

Also, my initial observation was also supported later in the thread. This person is potentially up to no good, and has not yet shown anything to the contrary. This also contributes to a validation of my initial observations.

I'm not as prejudiced as you think I might be. I'm wondering why you're so prejudiced about me. {sigh}

-- Randal L. Schwartz, Perl hacker
Be sure to read my standard disclaimer if this is a reply.

[reply]