Vulnerability Development mailing list archives
Re: IP Spoofing with DHCP ?
From: Nathan Einwechter <ceo () investigatecanada com>
Date: Mon, 18 Sep 2000 15:09:57 -0400
Actually, this has been an attack which has been demonstrated, written on, and used in the cable networks which are currently present. What you can do is basically DoS, or wait, untill the other persons box is down. At this point, it is possible to statically assign your IP to the same as yours. Using this method, you can effectively frame someone for doing net attacks etc. There may be other interesting things you can do with this hijacking of the IP though, which I haven't thought of. It is also possible to hijack an SSL or HTTPS session if this is done with the right timing, and a packet sniffer is utilised. I have actually demonstrated this a few times in the past. Hope this helps. -- Nathan Einwechter (PsychoSpy)
Current thread:
- IP Spoofing with DHCP ? Skreel (Sep 17)
- Re: IP Spoofing with DHCP ? Matthew S. Hallacy (Sep 18)
- Re: IP Spoofing with DHCP ? Alon Oz (Sep 18)
- Re: IP Spoofing with DHCP ? Nathan Einwechter (Sep 19)
- CGI scripts in sh Crypteria (Sep 20)
- Re: CGI scripts in sh Mark Rafn (Sep 21)
- Serv-U FTP deals makes connections with www.cat-soft.com [ KoSaK ] (Sep 22)
- Re: Serv-U FTP deals makes connections with www.cat-soft.com Dimitry Andric (Sep 22)
- CGI scripts in sh Crypteria (Sep 20)
- Re: CGI scripts in sh Crispin Cowan (Sep 21)
- Re: CGI scripts in sh Gordon Messmer (Sep 21)
- Re: CGI scripts in sh Lincoln Yeoh (Sep 22)
- Re: CGI scripts in sh Crispin Cowan (Sep 23)
- Re: CGI scripts in sh -jf- (Sep 22)
- C versus other languages, round 538 or so (Re: CGI scripts in sh) Bluefish (P.Magnusson) (Sep 23)