Re: IP Spoofing

[Ivan Arce <core.lists.firewall-wizards () core-sdi com>]

"Scott, Richard" wrote:

> Hi all,
>
> I believe that it is the case that IP Spoofing and TCP Sequence Number
> Prediction are using hand in hand (Excluding all the possible DoS, I am
> purely talking penetrative breeches of security).
>
> IP spoofing allows IP datagrams to be "authenticated" if source address
> authentication is being used.
> TCP Sequence number prediction, is used to hijack a TCP session, in which it
> may be the case that the IP address (source) needs to be spoofed.
>
> How is it the case then, is it possible to just use IP spoofing to penetrate
> a system?

yes, in a lots of different ways
one that comes to my mind right now: spoofed DNS responses.
.. spoofed IP source address and UDP payload..

-ivan




--

"Understanding. A cerebral secretion that enables one having it to know
 a house from a horse by the roof on the house,
 It's nature and laws have been exhaustively expounded by Locke,
 who rode a house, and Kant, who lived in a horse." - Ambrose Bierce

--------------------------------------------------------------------------------------------

 Iván Arce <ivan () core-sdi com>
 Presidente
 CORE SDI S.A.
 Pte. Juan D. Peron 315 4to UF17 (1394) Buenos Aires, Argentina.
 TE/FAX: +54-11-43-31-54-02 +54-11-43-31-54-09
 PGP fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
--------------------------------------------------------------------------------------------




--- For a personal reply use iarce () core-sdi com