Questions tagged [tcp]
Transmission Control Protocol (TCP) is a transport layer protocol that provides a connection-oriented data stream service with guaranteed, in-order delivery.
328 questions
0
votes
0
answers
80
views
Stateful firewalls and the 'RELATED' state
For years, I've used the following to accept 'RELATED' packets:
...
/usr/sbin/iptables -P INPUT DROP
...
/usr/sbin/iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
...
Use the ...
1
vote
0
answers
25
views
What options are there for live output of nmap scan results? [duplicate]
I need to do a lot of potentially really slow 65k port sweeps and UDP scans. The problem I have is that the XML output (open ports, service probe results) appears only when the entire scan is complete....
0
votes
1
answer
142
views
How is packet injection performed for typical TCP game sessions?
I'm curious how packet injection could be done for games that establish a TCP session through a specific port (such as 443). More specifically, I'm wondering what can be done to inject packets into ...
2
votes
1
answer
95
views
What's the point of including time t in the hashed part of tcp SYN cookie?
My understanding
TCP SYN Cookie mitigates SYN Flood attack by allowing all information to be stored in the cookie itself and not storing anything on the server.
TCP SYN Cookie is implemented as the ...
1
vote
0
answers
114
views
Is disabling TCP state check a significant security loss in a firewall?
We have a highly dynamic and asymmetrical network topology for a specific project using FortiGate firewalls.
Because of asymmetry, some communications are sometimes dropped because firewalls only see one ...
1
vote
1
answer
151
views
how to reset only TCP connections to my web server which are just TCP packets, but no further HTTP packets
How to reset only TCP connections to my web server which are just TCP packets, but no further HTTP packets.
Let's say I have a web server and users connect via browser (so, flow would be TCP handshake ...
0
votes
1
answer
262
views
Is TCP still more secure than UDP if all data is encrypted?
TCP is preferred over UDP for various reasons, security being one of them. Obviously, TCP is also preferred for various reason unrelated to security (e.g. error debugging).
So in the context of ...
2
votes
0
answers
117
views
TCP Packet Injection Mitigations
I'm trying to understand whether TCP packet injection into a plaintext protocol is possible within a switched network (or wherever there are no validations relating to IP legitimacy).
If I know there ...
0
votes
1
answer
145
views
Why does my Xbox One controller query out to Akamai Technologies when I plug it in? [closed]
Running wireshark, I've been having issues with my xbox controller I plug into my pc. When I plug it in, it immediately starts some communication with 23.32.109.224. So I firewalled that address out, ...
13
votes
4
answers
9k
views
What security risks are involved in using older HTTP protocols such as HTTP/1.x that would justify upgrading to HTTP/2 or HTTP/3?
As of 2023, still many webservers support HTTP/1.0 and HTTP/1.1 while not supporting recent HTTP/2 and/or HTTP/3 protocols. I understand that newer HTTP versions offer various performance enhancements,...
0
votes
4
answers
1k
views
Is HTTP/0.9 considered "End-of-Life" (EOL) due to security vulnerabilities or risks?
I'm exploring the history and evolution of the HTTP protocol and I know that HTTP/0.9 is generally not used anymore. It's clear how features evolved in newer HTTP versions and how primitive HTTP/0.9 ...
0
votes
1
answer
391
views
Is HTTP/1.0 inherently more susceptible to denial-of-service (DoS) attacks?
I'm looking into HTTP version specific risks. HTTP 1.0 lacks support for persistent connections, meaning each request/response pair requires a new TCP connection to be established.
Considering the ...
0
votes
1
answer
239
views
TCP connection scrambling to evade tracking
There was a project on GitHub that (was going to, if it hadn't been abandoned) modify TCP fields in order to evade packet sniffing. It explains in specifics how this would work here. In particular, ...
-1
votes
1
answer
138
views
TCP packets containing machine code
Is it possible that an attacker puts machine code on a TCP packet? In a way that before passing to the CPU and getting an error that such a function doesn't exist on the application, it first needs to ...
0
votes
2
answers
293
views
Modify the protocol of a packet
Is it possible that for example there is a TCP packet, and using a proxy, you intercept it and using a tool you change the protocol entirely? Like for example from TCP to UDP or any other custom ...
0
votes
1
answer
220
views
Arbitrary command execution on remote devices
Is it possible to send a TCP payload to an open port that executes a specific arbitrary command on the target device using Metasploit or any other program? For example with Windows 10 Server OS?
I ...
0
votes
0
answers
119
views
Securing an internal tcp proxy
I am developing a TCP-Proxy in C#/.NET using dotNetty (Port of Netty). The proxy is translating messages between two different systems. It will be hosted on a server in the company network, so it is ...
1
vote
0
answers
658
views
Possible to determine who on the Internet is resetting (RST) my TCP connection? [closed]
I am investigating censorship in India, and know with a high degree of confidence that it is being blocked based on the SNI extension in the TLS ClientHello.
I am in control of both the Client (in ...
3
votes
1
answer
438
views
Next movement in IoT pentest when you have restricted information
I am a newbie cyber security engineer working on IoT. Today, a task was given to me. The task was to perform a pentest on a cooker. For privacy reasons, I cannot share the brand of the cooker. The cooker ...
1
vote
0
answers
971
views
How would you hide yourself whilst conducting a scan on a target network to identify open service ports?
I am working on this question which asks how you would conduct a scan of a target network to identify open service ports without revealing your IP address. It wants details such as IP address ...
1
vote
1
answer
1k
views
Security Implications of Allowing TCP Forwarding to Use vscode-server
While setting up a new VPS instance running Ubuntu, I found that I needed to set AllowTcpForwarding yes in /etc/ssh/sshd_config to achieve a remote VS Code connection. I am and will be the sole user ...
1
vote
0
answers
133
views
What is sequence number and why is it used as the ACK number for the next ACK packet? [closed]
I am currently trying to learn the TCP session creating (3 way handshake) process in detail. I was wondering what the sequence number means and also why is the ack num for the next ACK packet always ...
1
vote
0
answers
2k
views
SSL handshake failure | Client hello(success) -> Server ACK (success) -> server RST (connection closed)
I was running MQTT broker in my pc and tried to connect to it via mqtt client in same PC. using x509 cert for mutual tls. SSL Handshake was failing with RST from server. This was happening only in my ...
0
votes
1
answer
125
views
Would XerXes be effective without sending anything over the connections it opens?
From what I gathered, the gist of XerXes is doing this (snippet in Python):
with socket(AF_INET, SOCK_STREAM) as s:
    s.connect((host, port))
    s.send(b"0")
simultaneously, i.e. ...
6
votes
4
answers
1k
views
How can non-root intercept privileged loopback ports?
Please walk through how an attacker can intercept Chrome's connection to 127.0.0.1:999, as suggested by the warning below.
This warning is consistently displayed across many versions of Chrome in many ...
1
vote
0
answers
127
views
Does it ever make sense to use TLS for communication that only happens internally on one machine? [duplicate]
If two processes on the same machine communicate over TCP, is it possible for different users to listen in on this communication?
0
votes
2
answers
591
views
What can a hacker do with my tcp connection?
I have a tcp server at Google cloud platform. This talks to my clients under a dynamic encryption key that will change after each time they talk.
The only thing that happens between the server and the ...
0
votes
1
answer
218
views
Honeyd not responding to TCP
I'm having some issues getting Honeyd to work properly on an external network interface on Ubuntu 20 LTS running on a Proxmox server. I'm fairly sure it's a configuration/setup problem on the VM I'm ...
2
votes
1
answer
1k
views
How SSL Protects against Replay Attacks?
Reading: https://mulloverthing.com/how-does-ssl-protect-against-replay-attack/ it says:
The SSL/TLS channel itself is protected against replay attacks using
the MAC (Message Authentication Code), ...
1
vote
2
answers
1k
views
TCP with IP Spoofing, Is It Really Impossible?
I was reading: IP Spoofing with real IP when TCP 3-way handshake has been made
Where the answer says:
First of all, every TCP packet has a sequential identifier, which
starts at a random position. (...
2
votes
0
answers
8k
views
How to decrypt a tls1.3 tcp packets in wireshark
I generated the public and private key with
openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout server_key.pem -out cert.pem
and I am using c sockets for the server and client with openssl, ...
0
votes
1
answer
32k
views
I am trying to exploit port 7000/tcp afs3-fileserver
I have been trying to exploit a cheap smart tv box that I have bought a while ago and after my nmap scan I found that port 7000/tcp was open but researching about the port gave back not much ...
1
vote
0
answers
198
views
When passing through SSL from web server A to web server B (via nginx), does web server A need SSL configured as well, or just web server B?
I'm using nginx here as an example, but this is really more of a conceptual question about SSL termination and TCP that could apply to any web server.
Basically, if web server A receives TCP traffic ...
0
votes
1
answer
400
views
Detect port forwarding
If there are 3 machines A, B and C and A communicates directly with B (A -> B) but B is executing port forwarding with the next command
socat TCP4-LISTEN:443,fork TCP4:<ip machine C>:443
So ...
1
vote
1
answer
1k
views
Spoofing TCP/IP headers and uniqueness of the host name
I have some related questions:
Is it possible to spoof the source address in the TCP/IP header when using HTTPS?
If possible, is there any way to detect source address change? I think the checksum is ...
0
votes
1
answer
2k
views
SCP to create security groups in member AWS account
I'm trying to create a SCP to restrict member account users to create/modify security group(s) that have inbound rule for SSH/RDP with Source set as 0.0.0.0 or ::/0.
Basically, I want users to SSH ...
1
vote
1
answer
604
views
Repeated DUP ACK and RST to same TCP SEQ and ACK
I started noticing this behaviour for more than a month. Whenever I connect my laptop to the WiFi router there are lots of RST and DUP ACKs up to the same TCP sequence, as given in the example below, ...
0
votes
1
answer
232
views
The router (that my PC is connected to) is continuously attempting to connect through TCP80. What would be the reasons?
I have no access to the router nor do I have any administrative access to this local network. But every 5 minutes the router attempts to connect to my PC through port 80/tcp, and it attempts exactly 4 ...
0
votes
1
answer
1k
views
How to properly secure a tcp server/client application
I have developed a multithreaded server/client python application, my next goal is to encrypt the traffic between both parties but I can't tell where should I invest all my research energy in
Using ...
1
vote
1
answer
729
views
Can my ISP or government listen to my Skype calls?
Is the call encrypted with something like HTTPS to prevent a corrupt government (or ISP) from messing with the DNS routing, sniffing, snooping etc? Can my ISP or government listen to my Skype calls?
I'...
2
votes
2
answers
278
views
Is an open TCP port that doesn’t take input secure?
I have written a simple C program (~30 lines) that opens an internet socket and sends data to the client on every connection. The program never read()s from the socket; it just parses the /proc ...
3
votes
1
answer
2k
views
ARP spoofing on TCP and UDP
Statement (In Interview):
ARP spoofing attacks are more effective for UDP packets rather than
TCP packets since TCP establishes reliable communication channels.
I have opposed the statement saying ...
2
votes
1
answer
242
views
Is this TCP socket encryption and password storage implementations secure enough?
I'd like to know if this communication technique is secure enough against attacks, both on the connection itself and the password-storing procedures.
Both the client and the server have access to 2 ...
0
votes
1
answer
845
views
Can't find anomalies / abnormalities in wireshark capture
Previous post was deleted for not enough context, which I apologise for. I will try to provide as much context as I can. I am aware this appears to be an example of a SYN flood attack with spoofed ip ...
0
votes
2
answers
1k
views
Tool for injecting data in existing tcp connection
I would like to perform arp spoofing on an existing tcp connection between a server and a client and perform a mitm attack. In addition to altering existing packets, I would like to be able to inject ...
29
votes
3
answers
12k
views
Disadvantages of replacing TCP/IP with blockchain
I read this blog (cached version) (and the related cached tweet) about replacing TCP/IP with blockchain.
Tweet:
The Internet has a serious fundamental flaw: the transmission control protocol/internet ...
1
vote
1
answer
299
views
Real-world application of network steganography
I recently came across a topic of network steganography, mostly connected with modifying the headers of IP, TCP, ICMP. I was looking for some real-world examples of malware that uses it. I only found ...
0
votes
1
answer
226
views
Can Mirai scan reach devices behind routers?
I recently saw this article of a version of Mirai being spread to Android based devices via ADB enabled. My question relates to how Mirai does scanning.
Let's assume I have an Android-based device (like ...
3
votes
3
answers
292
views
What prevents this specific type of attack from being viable?
Imagine a user has an ip of 1.2.3.4
The server the user intends to connect to has an ip of 2.3.4.5
An attacker has a machine with a promiscuous network card on the user's local network.
The attacker ...
0
votes
1
answer
246
views
Why ACK flood is effective?
I understand that SYN flood is effective due to how protocol works, waiting around 75 seconds before closing the connection.
What about ACK flood, what happens on the destination side that ...