Vulnerability Development mailing list archives

Re: IP Spoofing with DHCP ?

From: Nathan Einwechter <ceo () investigatecanada com>
Date: Mon, 18 Sep 2000 15:09:57 -0400

Actually, this has been an attack which has been demonstrated, written on,
and used in the cable networks which are currently present.

What you can do is basically DoS, or wait, untill the other persons box is
down. At this point, it is possible to statically assign your IP to the same
as yours.

Using this method, you can effectively frame someone for doing net attacks
etc. There may be other interesting things you can do with this hijacking of
the IP though, which I haven't thought of. It is also possible to hijack an
SSL or HTTPS session if this is done with the right timing, and a packet
sniffer is utilised. I have actually demonstrated this a few times in the
past.

Hope this helps.

-- Nathan Einwechter
   (PsychoSpy)

Current thread:

IP Spoofing with DHCP ? Skreel (Sep 17)
- Re: IP Spoofing with DHCP ? Matthew S. Hallacy (Sep 18)
- Re: IP Spoofing with DHCP ? Alon Oz (Sep 18)
- Re: IP Spoofing with DHCP ? Nathan Einwechter (Sep 19)
  - CGI scripts in sh Crypteria (Sep 20)
    - Re: CGI scripts in sh Mark Rafn (Sep 21)
    - Serv-U FTP deals makes connections with www.cat-soft.com [ KoSaK ] (Sep 22)
    - Re: Serv-U FTP deals makes connections with www.cat-soft.com Dimitry Andric (Sep 22)
    - Re: CGI scripts in sh Crispin Cowan (Sep 21)
    - Re: CGI scripts in sh Gordon Messmer (Sep 21)
    - Re: CGI scripts in sh Lincoln Yeoh (Sep 22)
    - Re: CGI scripts in sh Crispin Cowan (Sep 23)
    - Re: CGI scripts in sh -jf- (Sep 22)
    - C versus other languages, round 538 or so (Re: CGI scripts in sh) Bluefish (P.Magnusson) (Sep 23)

(Thread continues...)