all InfoSec news
Exploiting Sequence Number Leakage: TCP Hijacking in NAT-Enabled Wi-Fi Networks
April 9, 2024, 4:11 a.m. | Yuxiang Yang, Xuewei Feng, Qi Li, Kun Sun, Ziqiang Wang, Ke Xu
cs.CR updates on arXiv.org arxiv.org
Abstract: In this paper, we uncover a new side-channel vulnerability in the widely used NAT port preservation strategy and an insufficient reverse path validation strategy of Wi-Fi routers, which allows an off-path attacker to infer if there is one victim client in the same network communicating with another host on the Internet using TCP. After detecting the presence of TCP connections between the victim client and the server, the attacker can evict the original NAT mapping …
arxiv attacker channel client cs.cr exploiting hijacking nat network networks path port preservation reverse routers sequence number side-channel strategy tcp uncover validation victim vulnerability wi-fi wi-fi networks
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Senior Security Engineer
@ Core10 | Nashville, Tennessee, United States - Remote
Security Operations Engineer I
@ Jamf | US Remote
IT Security ISSO Specialist (15.10)
@ OCT Consulting, LLC | Washington, District of Columbia, United States
Compliance Officer
@ Aspire Software | Canada - Remote
Security Operations Center (SOC) - AVP
@ Paytm | Noida, Uttar Pradesh