ID Field Encoding Each IP packet has an ID to allow packet defragmentation. Two bytes long Normally increments each time. Encode our data in the ID field Cannot correctly identify order - must send packets slowly Can't be part of a legit connection Sender must create raw IP packets Receiver must sniff IP packets One to two bytes per packet Works best on simple packet filters.
Copyright 2003, Bri Hatch of Onsight, Inc.
Presented at SecureWorld Expo, 2003.
Presentation created using vim and MagicPoint.