WebApp Sec mailing list archives

Re: IP Address Question


From: "David Wall @ Yozons" <dwall () yozons com>
Date: Thu, 25 Sep 2003 10:02:06 -0700

In general, using a forged IP address will run into routing problems for any
responses being sent back.  They could spoof them in a DoS attack, for
example, in which the responses don't matter and perhaps because they want
the responses to also flood someone else's network.

However, it is possible for a user behind a bank of proxy servers to appear
to change IP addresses for each request.  Therefore, the IP addresses are
correct for any given HTTP POST/GET type of interaction, but it may use one
IP address for a set of invocations, and then switch to another IP address
(because it's using a different proxy server) for subsequent requests.  This
seems rare in our logs, but AOL systems seemed to be notorious for this
sort of thing.

David

----- Original Message ----- 
From: "Robin Fordham" <robin_fordham () yahoo com>
To: <webappsec () securityfocus com>
Sent: Thursday, September 25, 2003 9:10 AM
Subject: IP Address Question


OK, here's a question. Is it possible for a hacker to
impersonate an IP Address with regard to logging into
web applications? The Paros3.0 tool that I'm using to
test Session Hijacking does not let you change your IP
Address, but I wanted to know if it was actually
possible to do? It would help so that I can assess the
probability of a particular attack from occurring.

Cheers

Robin


=====
---------------------------------------
Web Site: http://electricpiggy.com
E-mail: robin_fordham () yahoo com
ICQ: 15208257
---------------------------------------
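
Added example, not part of either message above: a log check for the pattern David describes, where one session is presented from more than one source address. The log format with an appended `sid=` field, the sample lines and the /24 grouping are assumptions made for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample lines (not from the thread). Assumed format: common log
# format with the session identifier appended as sid=<value>.
SAMPLE_LOG = """\
198.51.100.7 - - [25/Sep/2003:09:10:01 -0700] "POST /login HTTP/1.0" 200 sid=A1
198.51.100.7 - - [25/Sep/2003:09:10:09 -0700] "GET /account HTTP/1.0" 200 sid=A1
203.0.113.21 - - [25/Sep/2003:09:11:00 -0700] "POST /login HTTP/1.0" 200 sid=B2
203.0.113.88 - - [25/Sep/2003:09:11:04 -0700] "GET /account HTTP/1.0" 200 sid=B2
203.0.113.21 - - [25/Sep/2003:09:11:09 -0700] "GET /logout HTTP/1.0" 200 sid=B2
192.0.2.5 - - [25/Sep/2003:09:12:00 -0700] "POST /login HTTP/1.0" 200 sid=C3
198.51.100.200 - - [25/Sep/2003:09:40:00 -0700] "GET /account HTTP/1.0" 200 sid=C3
not a log line
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} sid=(\S+)$')


def ips_per_session(log_text):
    """Map each session id to the set of source addresses that presented it."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than guessing
        try:
            seen[m.group(2)].add(ipaddress.ip_address(m.group(1)))
        except ValueError:
            continue  # first field was not an IP address
    return seen


def classify(log_text, prefix_len=24):
    """Label each session that was seen from more than one source address."""
    # Assumption: addresses inside one /prefix_len are treated as one proxy bank.
    report = {}
    for sid, ips in ips_per_session(log_text).items():
        if len(ips) < 2:
            continue  # a single address per session is the common case
        nets = {ipaddress.ip_network(f"{ip}/{prefix_len}", strict=False) for ip in ips}
        label = "same-network" if len(nets) == 1 else "different-networks"
        report[sid] = (label, sorted(str(ip) for ip in ips))
    return report


if __name__ == "__main__":
    print(classify(SAMPLE_LOG))
```

A real proxy farm may span wider ranges than a /24, so `prefix_len` should be set from what the site's own logs show.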
