Simple Active Attack Against TCP
Merit Network, Inc.
4251 Plymouth Road, Suite C
Ann Arbor, MI 48105, USA
Phone: +1 (313) 936 2065
Fax: +1 (313) 747 3185
This paper describes an active attack against the Transport
Control Protocol (TCP) which allows a cracker to redirect the TCP
stream through his machine thereby permitting him to bypass the protection
offered by such a system as a one-time password [skey] or
ticketing authentication [kerberos]. The TCP connection is
vulnerable to anyone with a TCP packet sniffer and generator located on
the path followed by the connection. Some schemes to detect this
attack are presented as well as some methods of prevention and some
interesting details of the TCP protocol behaviors.
Download the full text of this paper in
ASCII (45,587 bytes),
POSTSCRIPT (269,276 bytes),
and PDF (319,517 bytes) form.
To Become a USENIX Member, please see our