I have this proxy firewall that's poorly set up, the TCP session sequence number always starts at 0, I know the trusted IP range, and there's no ingress control. What's the easiest way to blindly spoof a telnet session and set up a backdoor? I've got 2 days to demonstrate an attack and it would take me much longer to write a program from scratch.
Name:
Anonymous2009-04-05 18:58
Changing the DHCP could confuse an intruder a bit but it would require changing the DHCP config file on the router and I'm sure you can't do that with the normal tools on most routers. Also you'd need to change the router's subnet and IP so that the intruder can't find it just from remembering the old IP. And you need to remember not accidentally using the DHCP yourself. All in all, too much effort for too little gain in security.