lug-bg: [SECURITY-BASICS] TCP Hijacking -newbie- (fwd)
- Subject: lug-bg: [SECURITY-BASICS] TCP Hijacking -newbie- (fwd)
- From: firedust@xxxxxxx (Stanislav Lechev (AngelFire))
- Date: Fri, 13 Apr 2001 12:09:10 +0300 (EEST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
eto wi oshte edna interesna tema :)
- -===========================================================================-
Regards, AngelFire
Stanislav Lechev <firedust@xxxxxxx>
PGP Key: http://firedust.vega.bg/pgp/StanislavLechev.asc
- -===========================================================================-
- ---------- Forwarded message ----------
Date: Thu, 12 Apr 2001 09:09:23 -0700
From: "Savkovic, David (EDS)" <David.Savkovic@xxxxxxxxxx>
To: SECURITY-BASICS@xxxxxxxxxxxxxxxxx
Subject: [SECURITY-BASICS] TCP Hijacking -newbie-
Here is the scenario: A business partner of mine and I were transferring
some documents last night. We opened a password protected net bios session
for a few minutes. During the transfer, my firewall(Black Ice) detected a
TCP data changed /hijacking attempt. Here is the link to their ADVICE
section: http://advice.networkice.com/advice/intrusions/2000320/default.htm
I have been reading up on this, but I cannot find detailed information on
exactly what happened. I would like an exact description of how something
like this could be accomplished.
We are both using Windows ME and on a cable ISP. Obviously, we killed the
session and will be using a VPN next time with Win 2K and encrypting the
docs. So much for shortcuts...
Thanks in advance for your help.
Security Newbster,
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Made with pgp4pine 1.75-6
iD8DBQE61sI48RPXBhiMqewRAs/PAJ4p0ZXVG8A8+fHt3vwF0Suw+UiuXwCfdurl
dpQmDVCniC2a1+lOrgXsHZY=
=lv5M
-----END PGP SIGNATURE-----
===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
|