Can anyone give a detailed explanation about why the land attack works on
some TCP/IP stacks (say BSD-derived)? Which loop is trapped in by this
"self-connect" request? What's the state transition internally? I can't
figure it out.
A related question is that I can't use tcpdump to get any output from the victim
machine; once it has received the "self-connect" request, it freezes, not
even an ACK packet. (I am trying it on FreeBSD 2.2.5.)
Any information is appreciated.