Re: IP Session Hijacking And Spoofing

[Svetoslav Gyurov <sve () pzmail org>]

Yes but some or most of the routers in Internet are denying source routing
in packet headers for security reasons, then what ? The best way leaves
"man in middle" ?!

And about sequence numbers, every distro is using different algorithms
about generating them, isn't they ?


On Fri, 22 Nov 2002, simsjs wrote:

> With IP Spoofing there is no need to guess the sequence number since there is no session currently open with that IP 
> address. The way that the traffic would get back to you is by using source routing. This is where you tell the 
> network how to route the output and input from a session, then you simply sniff it from the network as it passes by 
> you. But you have to make sure you put in a route that will both reach its destination and pass through your own 
> network.
>
> As far as guessing the sequence numbering for session high-jacking, I really have no idea, but there are programs 
> that will attempt to guess these for you. The one I am thinking of (whose name escapes me at the time) will allow you 
> to watch a session, reset a session, or hijack it.
>
> Hope some of this helps.
>
> Jeff


Best regards, sve