undefined | Better HN

0 pointsz3t47y ago0 comments

How can you make a connection by guessing seq nr ? What is the firewall rule that allow such an attack ?

0 comments

My guess is that there were still some hosts allowed through the block (e.g. whatever is writing to that NAS), and that they were accessing the NAS with frequent new connections. The firewall only tracked transport layer state so the bad guy was able to hijack an existing session by sneaking in a correctly-numbered TCP segment inside an IP packet with his own IP address as the source.

j / k navigate · click thread line to collapse

0 pointsz3t47y ago0 comments

How can you make a connection by guessing seq nr ? What is the firewall rule that allow such an attack ?

0 comments

brianpgordon7y ago

j / k navigate · click thread line to collapse