CAPEC-319: IP (DF) 'Don't Fragment Bit' Echoing Probe

Detailed Stable 严重程度: Low 攻击可能性: Medium

CAPEC版本: 3.9

更新日期: 2023-01-24

攻击模式描述

This OS fingerprinting probe tests to determine if the remote host echoes back the IP 'DF' (Don't Fragment) bit in a response packet. An attacker sends a UDP datagram with the DF bit set to a closed port on the remote host to observe whether the 'DF' bit is set in the response packet. Some operating systems will echo the bit in the ICMP error message while others will zero out the bit in the response packet.

后果影响

影响范围: Confidentiality

技术影响: Read Data

影响范围: Confidentiality Access Control Authorization

技术影响: Bypass Protection Mechanism

关键信息

CAPEC ID: CAPEC-319

抽象级别: Detailed

状态: Stable

典型严重程度: Low

攻击可能性: Medium

CAPEC-319: IP (DF) 'Don't Fragment Bit' Echoing Probe

攻击模式描述

后果影响

关键信息

相关攻击模式

相关CWE弱点

CAPEC-319: IP (DF) 'Don't Fragment Bit' Echoing Probe

攻击模式描述

后果影响

关键信息

相关攻击模式

ChildOf CAPEC-312

相关CWE弱点