[Snort-sigs] Signature Definition #460, 5 of 20 and Signature Definition # 458

Steven Alexander alexander.s at ...1565...
Tue Jun 10 08:28:07 EDT 2003


> -----Original Message-----
> From: Esler, Joel Contractor [mailto:EslerJ at ...785...] 
> Sent: Tuesday, June 10, 2003 3:06 AM
> To: Steven Alexander; snort-sigs at lists.sourceforge.net
> Subject: RE: [Snort-sigs] Signature Definition #460, 5 of 20 
> and Signature Definition # 458
> 
> 
> So there is no hacker tool that can craft packets like that? 
> I beg to differ.
> 
> J
> 

There are tools that will craft any sort of packet that you want
(sendip).  I just haven't seen any tool that uses unassigned icmp types
to exploit or test for any sort of vulnerability.  I haven't seen a tool
that sends such a packet without the user having to specifically choose
the options.  If you have a tool that uses these options to exploit or
test for a vulnerability I would love to know what you're using.

-steven




More information about the Snort-sigs mailing list