CAPEC-328: TCP 'RST' Flag Checksum Probe
CAPEC版本: 3.9
更新日期: 2023-01-24
攻击模式描述
This OS fingerprinting probe performs a checksum on any ASCII data contained within the data portion or a RST packet. Some operating systems will report a human-readable text message in the payload of a 'RST' (reset) packet when specific types of connection errors occur. RFC 1122 allows text payloads within reset packets but not all operating systems or routers implement this functionality.
前提条件
- The ability to monitor and interact with network communications.Access to at least one host, and the privileges to interface with the network interface card.
所需资源
- A tool capable of sending and receiving packets from a remote system.
后果影响
影响范围: Confidentiality
技术影响: Read Data
影响范围: Confidentiality Access Control Authorization
技术影响: Bypass Protection Mechanism