Security Basics mailing list archives
Re: Spoofing an IP over the internet
From: Alexander Klimov <alserkli () inbox ru>
Date: Mon, 22 Nov 2004 22:14:59 +0200 (IST)
Hi. On Mon, 22 Nov 2004, Simon wrote:
I'm currently working in dealing with a possible DoS attack, where the user would send TCP/IP packets to the webserver with different information. Currently, I create a new Session ID if the pair [IPaddress/UserAgent] is not found. It would be easy for a hacker to just set UserAgent to an incrementing number, until the disk is filled with sessions. However, it would be very simple to just verify that one IP cannot have more than one UserAgent associated with it.
Unfortunately life is not so straightforward: a lot of legitimate users can have single IP due to proxies. Regards, ASK
Current thread:
- Spoofing an IP over the internet Simon (Nov 22)
- Re: Spoofing an IP over the internet Alexander Klimov (Nov 22)
- Re: Spoofing an IP over the internet Simon (Nov 26)
- Re: Spoofing an IP over the internet Nuno Costa (Nov 27)
- Re: Spoofing an IP over the internet Simon (Nov 26)
- RE: Spoofing an IP over the internet Philip Wagenaar (Nov 22)
- RE: Spoofing an IP over the internet David Gillett (Nov 23)
- Re: Spoofing an IP over the internet Simon (Nov 24)
- Re: Spoofing an IP over the internet Simon (Nov 26)
- RE: Spoofing an IP over the internet David Gillett (Nov 23)
- <Possible follow-ups>
- RE: Spoofing an IP over the internet Steven Trewick (Nov 27)
- Re: Spoofing an IP over the internet Alexander Klimov (Nov 22)