WebApp Sec mailing list archives
Re: IP Address Question
From: "David Wall @ Yozons" <dwall () yozons com>
Date: Thu, 25 Sep 2003 10:02:06 -0700
In general, using a forged IP address will run into routing problems for any responses being sent back. They could spoof them in a DoS attack, for example, in which the responses don't matter and perhaps because they want the responses to also flood someone else's network.

However, it is possible for a user behind a bank of proxy servers to appear to change IP addresses for each request. Therefore, the IP addresses are correct for any given HTTP POST/GET type of interaction, but it may use one IP address for a set of invocations, and then switch to another IP address (because it's using a different proxy server) for subsequent requests. This seems rare in our logs, but AOL systems seemed to be notorious for this sort of thing.

David

----- Original Message -----
From: "Robin Fordham" <robin_fordham () yahoo com>
To: <webappsec () securityfocus com>
Sent: Thursday, September 25, 2003 9:10 AM
Subject: IP Address Question
OK, here's a question.

Is it possible for a hacker to impersonate an IP Address with regard to logging into web applications? The Paros3.0 tool that I'm using to test Session Hijacking does not let you change your IP Address, but I wanted to know if it was actually possible to do?

It would help so that I can assess the probability of a particular attack from occurring.

Cheers
Robin

=====
---------------------------------------
Web Site: http://electricpiggy.com
E-mail: robin_fordham () yahoo com
ICQ: 15208257
---------------------------------------
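Added example, not part of the original thread: one way to measure in your own logs how often a single session arrives from more than one source address, the proxy-bank behaviour described in the reply above. The log format, field order and session ids are assumptions, and the sample lines are constructed.

```python
import re

# Constructed sample lines (not from the thread). Assumed format:
#   <client-ip> <session-id> <method> <path>
SAMPLE_LOG = """\
192.0.2.10 sessA GET /login
192.0.2.10 sessA POST /login
198.51.100.7 sessB GET /login
198.51.100.8 sessB POST /login
198.51.100.7 sessB GET /account
198.51.100.9 sessB GET /logout
203.0.113.5 sessC GET /login
malformed line
"""

LINE_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})\s+(\S+)\s+(GET|POST)\s+(\S+)$")


def ip_stats_per_session(log_text):
    """Map session id -> distinct source IPs (in order seen), number of
    request-to-request address switches, and request count."""
    sessions = {}
    last_ip = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not match the assumed format
        ip, sid = m.group(1), m.group(2)
        entry = sessions.setdefault(sid, {"ips": [], "switches": 0, "requests": 0})
        entry["requests"] += 1
        if ip not in entry["ips"]:
            entry["ips"].append(ip)
        # A switch is any request whose source differs from the previous
        # request in the same session, including a return to an earlier IP.
        if sid in last_ip and last_ip[sid] != ip:
            entry["switches"] += 1
        last_ip[sid] = ip
    return sessions


def multi_ip_sessions(log_text):
    """Session ids that were seen from more than one source address."""
    stats = ip_stats_per_session(log_text)
    return sorted(sid for sid, e in stats.items() if len(e["ips"]) > 1)


if __name__ == "__main__":
    for sid, e in ip_stats_per_session(SAMPLE_LOG).items():
        print(sid, e["requests"], "requests,", e["switches"], "switches,", e["ips"])
```

The share of sessions this reports as multi-address indicates how many legitimate users would be affected by any check that assumes one address per session.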