Firewall Wizards mailing list archives
Session hijacking, source-routes
From: Ken Hardy <ken () bridge com>
Date: Wed, 10 Feb 1999 09:44:57 -0600 (CST)
Can a TCP session be hijacked if the target system rejects source-routed IP packets? If I understand the process correctly, the attacker quells the legitimate client with a DOS attack and gets the server to route the packets to himself instead after having observed the proper sequence numbers to use. (No real significance to use of client/server here -- could work against either end of the TCP connection.) If my f/w rejects all source-routed packets, are its connections immune to session hijacking, or does this (or can this) work another way? -- KH
Current thread:
- Session hijacking, source-routes Ken Hardy (Feb 10)
- Re: Session hijacking, source-routes Bennett Todd (Feb 10)
- Re: Session hijacking, source-routes Paul D. Robertson (Feb 10)
- Re: Session hijacking, source-routes Ken Hardy (Feb 11)
- Re: Session hijacking, source-routes Cohen Liota (Feb 11)
- <Possible follow-ups>
- Re: Session hijacking, source-routes Ryan Russell (Feb 10)