SecurityFocus

TCP/IP security vulnerability disclosed Apr 01 2008 12:05PM
J. Oquendo (sil infiltrated net)

Infiltrated Networks Vulnerability Disclosure
TCP/IP is broken

Overview TCP/IP

Transmission Control Protocol/Internet Protocol is the basic
communication language or protocol of the Internet. It can also be used
as a communications protocol in a private network (either an intranet or
an extranet). When you are set up with direct access to the Internet,
your computer is provided with a copy of the TCP/IP program just as
every other computer that you may send messages to or get information
from also has a copy of TCP/IP.

TCP/IP is a two-layer program. The higher layer, Transmission Control
Protocol, manages the assembling of a message or file into smaller
packets that are transmitted over the Internet and received by a TCP
layer that reassembles the packets into the original message. The lower
layer, Internet Protocol, handles the address part of each packet so
that it gets to the right destination. Each gateway computer on the
network checks this address to see where to forward the message. Even
though some packets from the same message are routed differently than
others, they'll be reassembled at the destination.

I. Description

TCP/IP uses the client/server model of communication in which a computer
user (a client) requests and is provided a service (such as sending a
Web page) by another computer (a server) in the network. TCP/IP
communication is primarily point-to-point, meaning each communication is
from one point (or host computer) in the network to another point or
host computer.

By disconnecting the client between a connection, the server can no
longer reach its destination thus breaking TCP/IP.

II. Impact

A remote or local attacker can unplug an ethernet cable, unplug a switch
or router or bring down an interface and disrupt TCP/IP services.

III. Solution

We are currently working to develop and implement a new RFC labeled
TCP/IP HOKE - Transmission Control Protocol/Internet Protocol Hamster
Operated Kintec Energy.

TCP/IP HOKE will allow hamsters to act as a medium between an end users
failed equipment (RJ45, Routers, etal).

http://www.infiltrated.net/spx/HOKE.jpg

It is unnecessary to use relativistic mechanics (the theory of
relativity as expounded by Albert Einstein) to calculate the kinetic
energy created by little hamsters. We just know that if those fuzzy
little rats run fast enough, they can generate enough kinetic energy for
a brief duration of time. Long enough perhaps for an end user to replace
an ethernet cable, reboot a router, etal.

Systems Affected
Every interconnected computer on the planet.

Credit:
Si4gT3F1ZW5kbyBzaWxAaW5maWx0cmF0ZWQubmV0Cg==

This document was written by an undercaffeinated engineer.
http://www.infiltrated.net/TCP-IP-HOKE.pimp

If you have feedback, comments, or additional information about this
vulnerability, please keep them to yourself.

--
====================================================
J. Oquendo

SGFA #579 (FW+VPN v4.1)
SGFE #574 (FW+VPN v4.1)

wget -qO - www.infiltrated.net/sig|perl

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB

0? *?H?÷
?0?10 +0? *?H?÷
?0??0?r 'ôêôz?Än»n©0
*?H?÷
0o10 USE10U
AddTrust AB1&0$UAddTrust External TTP Network1"0 UAddTrust External CA Root0
050607080910Z
200530104838Z0®10 UUS10 UUT10USalt Lake City10U
The USERTRUST Network1!0Uhttp://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and Email0?"0
*?H?÷
?0?
?²9?¤ò}«A;bF7®ÍÁ`u¼9eùJG¢¹ÌHÌj?ÕM5¹¤BåÎIâ?/|Ò1ÇN´?d.)Õ¢dÄ?½?Q5y¤
Nh{z¤?¨ò?ò?ÌÉ¤2?»O0½? ?ån¢Fúx¼¢o«Y^¥/ÏÊÚmª/ë¬¡³jª·.g5?yái?âæFÍ ¥ê¾Îv:z?êüÚ'[=s"æHaÆ
Lói±¨.¶Ô1 ,¼???¤¥×?CüZ¯q×YÚº?
¯úóáÂð¤Åg?ÖÖT:Þ
¤ºw³eÈýÓtbªÊh?¡?~õGeËøMW(tÒ4ÿ0¶îöb0?,ë£á0Þ0U#0?½?z4´
&÷úÄ&Tï½à$ËT0U??g}Ä&pK´PH|Þ=®n}0Uÿ0Uÿ
0ÿ0{Ut0r08 6 4?2http://crl.comodoca.com/AddTrustExternalCARoot.c
rl06 4 2?0http://crl.comodo.net/AddTrustExternalCARoot.crl0
*?H?÷
?Ø?o(¬¦¢ç?Á?Û~¡ýóâð©?TBk? Ä m×?fyCqüøo¯ÛvEâ7=ÝäYx¬ô?FózÏ[?r-åFÁº)óËIy?<ºm¤mhOr6¨¹±ý¿Ï
ð¤j?5PÏmU±ÝY0Jßm ?dI|ï6»ôãiôø9ZK?:·íÓÏ
D¢û¿ä/p?%ûZT³ÐÄ¼mûs2,é??$-Ö?zhP?MéÌõ»gèÜ.;üNÍþ?ã¨
¥&DeéòMR§®Ü>Êk2\Alþõ] êÿÑú??Xm=?Gåþ.?ÂÌ?¡ò»0?;0?# Çêæ¦yâ²?ó
ójWÀ0
*?H?÷
0®10 UUS10 UUT10USalt Lake City10U
The USERTRUST Network1!0Uhttp://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and Email0
071009000000Z
081008235959Z0Ù1503U,Comodo Trust Network - PERSONA NOT VALIDATED1F0DU=Terms and Conditions of use: http://www.comodo.net/repository10U(c)2003 Comodo Limited10U
J. Oquendo1"0 *?H?÷
sil (at) infiltrated (dot) net0 [email concealed]?"0
*?H?÷
?0?
?¼Î?ÁL{ÐocÂùfÄ5j?¼lRë*ZpâA5&ØÇ*z??¤u?¤d_±mAV,p!2
Ã1àE]£ O,'ÈÖd©µØå¹A!ñj?+*n»X®6á³¦T¯VMk?Wm»[Y¥í+a¥KÍv§ËÌ½~,/rVÁ*?µ?L¬þëäl¾
??¹Ú¡|´,Â³fyýQÅá.Z±<?âêgöÎË_?- =´Ú?}×D?1?_°¼S?ª¦3Q
¹¸«Æ£Í?iWOÕáXæ?¹«8æíÙ`¼§õ#Fæ?µé;.|.ÎOR`?tH?£?%0?!0U
#0???g}Ä&pK´PH|Þ=®n}0UÏN#ÍÙ?jÉË/º:Ã?ðd]x0Uÿ
0Uÿ00 U%0++²10 `?H?øB 0FU ?0=0;+²10+0)+https://secure.comodo.net/CPS0¥U0?0
L J H?Fhttp://crl.comodoca.com/UTN-USERFirst-ClientAuthenticationandEmai
l.crl0J H F?Dhttp://crl.comodo.net/UTN-USERFirst-ClientAuthenticationand
Email.crl0|+p0n06+0?*http://crt.comodoca.com/UTNAAACli
entCA.crt04+0?(http://crt.comodo.net/UTNAAAClientCA.crt0U
0sil (at) infiltrated (dot) net0 [email concealed]
*?H?÷
?¿¦ÃÆ3GL§7
x4?ÞõE"`¡Èw?R!gµE]nËÙLíh¹uOÒö%?Ùdâ??ÚJ¼(WnZ?·×Naëù+1( qiÔªE
ûOµ <a( k?á¢loq[éô?uZ´gÊË³ -0ïZÅÛZ$HQØ<??ÐæêaMiB?,P½ fu©ZðØëaùv%IÀ8???¤_AÀ@_Õõãè(
ÿqÁ#mñÔ¯?÷,!?"¡??®é£2rañgúf Ö>ú??.R=Äi~ëä¤V#?ÉTpcê£°$ ??taupNt¬& ïfÎh??rZøÌ ?0?;0?# Çêæ¦yâ²?óójWÀ0
*?H?÷
0®10 UUS10 UUT10USalt Lake City10U
The USERTRUST Network1!0Uhttp://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and Email0
071009000000Z
081008235959Z0Ù1503U,Comodo Trust Network - PERSONA NOT VALIDATED1F0DU=Terms and Conditions of use: http://www.comodo.net/repository10U(c)2003 Comodo Limited10U
J. Oquendo1"0 *?H?÷
sil (at) infiltrated (dot) net0 [email concealed]?"0
*?H?÷
?0?
?¼Î?ÁL{ÐocÂùfÄ5j?¼lRë*ZpâA5&ØÇ*z??¤u?¤d_±mAV,p!2
Ã1àE]£ O,'ÈÖd©µØå¹A!ñj?+*n»X®6á³¦T¯VMk?Wm»[Y¥í+a¥KÍv§ËÌ½~,/rVÁ*?µ?L¬þëäl¾
??¹Ú¡|´,Â³fyýQÅá.Z±<?âêgöÎË_?- =´Ú?}×D?1?_°¼S?ª¦3Q
¹¸«Æ£Í?iWOÕáXæ?¹«8æíÙ`¼§õ#Fæ?µé;.|.ÎOR`?tH?£?%0?!0U
#0???g}Ä&pK´PH|Þ=®n}0UÏN#ÍÙ?jÉË/º:Ã?ðd]x0Uÿ
0Uÿ00 U%0++²10 `?H?øB 0FU ?0=0;+²10+0)+https://secure.comodo.net/CPS0¥U0?0
L J H?Fhttp://crl.comodoca.com/UTN-USERFirst-ClientAuthenticationandEmai
l.crl0J H F?Dhttp://crl.comodo.net/UTN-USERFirst-ClientAuthenticationand
Email.crl0|+p0n06+0?*http://crt.comodoca.com/UTNAAACli
entCA.crt04+0?(http://crt.comodo.net/UTNAAAClientCA.crt0U
0sil (at) infiltrated (dot) net0 [email concealed]
*?H?÷
?¿¦ÃÆ3GL§7
x4?ÞõE"`¡Èw?R!gµE]nËÙLíh¹uOÒö%?Ùdâ??ÚJ¼(WnZ?·×Naëù+1( qiÔªE
ûOµ <a( k?á¢loq[éô?uZ´gÊË³ -0ïZÅÛZ$HQØ<??ÐæêaMiB?,P½ fu©ZðØëaùv%IÀ8???¤_AÀ@_Õõãè(
ÿqÁ#mñÔ¯?÷,!?"¡??®é£2rañgúf Ö>ú??.R=Äi~ëä¤V#?ÉTpcê£°$ ??taupNt¬& ïfÎh??rZøÌ ?1?S0?O0Ä0®10 UUS10 UUT10USalt Lake City10U
The USERTRUST Network1!0Uhttp://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and EmailÇêæ¦yâ²?óójWÀ0 + ?c0 *?H?÷
1 *?H?÷
0 *?H?÷
1
080401120559Z0# *?H?÷
1?J'Ð??CËÍx?0R *?H?÷
1E0C0
*?H?÷
0*?H?÷
?0
*?H?÷
@0+0
*?H?÷
(0Õ +?71Ç0Ä0®10 UUS10 UUT10USalt Lake City10U
The USERTRUST Network1!0Uhttp://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and EmailÇêæ¦yâ²?óójWÀ0×*?H?÷
1Ç Ä0®10 UUS10 UUT10USalt Lake City10U
The USERTRUST Network1!0Uhttp://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and EmailÇêæ¦yâ²?óójWÀ0
*?H?÷
?8ïá×û¢?«FÚtwkáí#
z/¾?z%Æ[SYHt6"2Ñ·Þ|?ëSý8BÇ qÍ@yTBÂæÂÖ?Võab?1´ûn?X¼A?*¥?I vúp?÷d.h0??íxn¡ÚR?¢i#?¸ú_w´nJ±
S®[¬2³5[Ëj?¨?Å¢îÜ{Ç~ÞQFQ?VµrÓ¹0'®:??ÝÆ?m?ÏÄC?ÕÎ??Ë??ýzç¿÷KLbµÂäc
Pßã=^¶s?UAØÁ^?å´æW±¥LÐÆP=º-A±7pÆ6Ç¸®²?¦2\©®:,#@TS

[ reply ]