Firewall Wizards mailing list archives

Re: IP Spoofing.

From: "Steven M. Bellovin" <smb () research att com>
Date: Sun, 19 Sep 1999 11:12:59 -0400

In message <v04205502b4089b713655@[10.1.1.212]>, "Christopher C. Petro" writes:

Ok, this is probably not the kind of request that most of you will 
want to answer, but I just got in an argument with my boss about IP 
spoofing. He claims it is not possible to spoof an IP number, whilst 
I am almost certain it is.

Could anyone provide me with a link or pointer to information that I 
could use to prove him wrong, or to information that proves me wrong?


If by "IP number" you mean IP address -- yes, you're quite correct.  See, for 
example, 
http://www.cert.org/advisories/CA-95.01.IP.spoofing.attacks.and.hijacked.terminal.connections.html 
or http://www.research.att.com/~smb/papers/ipext.ps (.pdf also available).

There's a lot more besides.

                --Steve Bellovin

Current thread:

RE: IP Spoofing., (continued)
- RE: IP Spoofing. Joseph Williams (Sep 20)
- Re: IP Spoofing. altellez (Sep 21)
- Re: IP Spoofing. Carric Dooley (Sep 28)
  - Re: IP Spoofing. Randy Witlicki (Sep 29)
    - Re: IP Spoofing. Paul D. Robertson (Sep 30)
    - Re: IP Spoofing. Peter J. Kunz (Sep 30)
    - Re: IP Spoofing. Ivan Arce (Sep 30)
    - Re: IP Spoofing. Emiliano Kargieman (Sep 30)
  - RE: IP Spoofing. Kurt Buff (Sep 30)
    - RE: IP Spoofing. Rick Smith (Sep 30)
- Re: IP Spoofing. Steven M. Bellovin (Sep 19)
- Re: IP Spoofing. Robert Graham (Sep 21)