WebApp Sec mailing list archives
Re: IP Address Question
From: George Johnson <gjohnson () espgroup net>
Date: Thu, 25 Sep 2003 13:03:27 -0400
Robin,

Yes and No. No - not without a lot of other things going on in the background. TCP/IP sends the packets back to their originating address, so if you pretend to be a different IP, and send in an authentication request, the answer will go back to the place that you were pretending to be.
Yes - If you can hijack the owners of the originating address space or if you are on the same Ethernet segment (DNS cache poison, man-in-the-middle, etc...) then you can IP spoof. IP spoofing is generally done with half-open TCP connections (SYN floods, etc...) or with UDP attacks (DOS/DDOS attacks) which do not require the TCP/IP 3-way handshake.
Hope it helps.

George

Robin Fordham wrote:
OK, here's a question. Is it possible for a hacker to impersonate an IP Address with regard to logging into web applications? The Paros3.0 tool that I'm using to test Session Hijacking does not let you change your IP Address, but I wanted to know if it was actually possible to do? It would help so that I can assess the probability of a particular attack occurring.

Cheers

Robin

=====
---------------------------------------
Web Site: http://electricpiggy.com
E-mail: robin_fordham () yahoo com
ICQ: 15208257
---------------------------------------