Security Basics mailing list archives
Re: IP Session Hijacking And Spoofing
From: Svetoslav Gyurov <sve () pzmail org>
Date: Tue, 26 Nov 2002 00:11:09 +0200 (EET)
Yes but some or most of the routers in Internet are denying source routing in packet headers for security reasons, then what ? The best way leaves "man in middle" ?! And about sequence numbers, every distro is using different algorithms about generating them, isn't they ? On Fri, 22 Nov 2002, simsjs wrote:
With IP Spoofing there is no need to guess the sequence number since there is no session currently open with that IP address. The way that the traffic would get back to you is by using source routing. This is where you tell the network how to route the output and input from a session, then you simply sniff it from the network as it passes by you. But you have to make sure you put in a route that will both reach its destination and pass through your own network. As far as guessing the sequence numbering for session high-jacking, I really have no idea, but there are programs that will attempt to guess these for you. The one I am thinking of (whose name escapes me at the time) will allow you to watch a session, reset a session, or hijack it. Hope some of this helps. Jeff
Best regards, sve
Current thread:
- IP Session Hijacking And Spoofing LEHMANN, TODD (Nov 21)
- Re: IP Session Hijacking And Spoofing John Fastabend (Nov 22)
- RE: IP Session Hijacking And Spoofing Daniel R. Miessler (Nov 25)
- Re: IP Session Hijacking And Spoofing simsjs (Nov 25)
- Re: IP Session Hijacking And Spoofing Svetoslav Gyurov (Nov 26)
- <Possible follow-ups>
- RE: IP Session Hijacking And Spoofing Gene LeDuc (Nov 25)
- RE: IP Session Hijacking And Spoofing ALBEE,RUSSELL. S FC2 (CV63 CS5) (Nov 25)
- RE: IP Session Hijacking And Spoofing Svetoslav Gyurov (Nov 26)
- RE: IP Session Hijacking And Spoofing LEHMANN, TODD (Nov 26)
- RE: IP Session Hijacking And Spoofing John Fastabend (Nov 27)
- Re: IP Session Hijacking And Spoofing simsjs (Nov 26)