Is there a diagram or a video? I'm not a professional IT guy so I'm gunna need something of a tutorial! HAHA!
On Thu, Jan 19, 2012 at 11:22 AM, xD 0x41 <[email protected]> wrote: > On 18 January 2012 09:45, Jan Wrobel <[email protected]> wrote: > > Hi, > > > > This TCP session hijacking technique might be of interest to some of you. > > > > Abstract: > > The paper demonstrates how traffic load of a shared packet queue can > > be exploited as a side channel through which protected information > > leaks to an off-path attacker. The attacker sends to a victim a > > sequence of identical spoofed segments. The victim responds to each > > segment in the sequence (the sequence is reflected by the victim) if > > the segments satisfy a certain condition tested by the attacker. The > > responses do not reach the attacker directly, but induce extra load on > > a routing queue shared between the victim and the attacker. Increased > > processing time of packets traversing the queue reveal that the tested > > condition was true. The paper concentrates on the TCP, but the > > -- Robert Q Kim High Volume and Digital Printing Company in Seoul http://www.youtube.com/watch?v=CaWEWl8saHw San Diego, CA 92007 310 598 1606
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
