Firewall Wizards mailing list archives

IP Spoofing

From: "Scott, Richard" <Richard.Scott () bestbuy com>
Date: Fri, 1 Oct 1999 16:47:24 -0500

Hi all,

I believe that it is the case that IP Spoofing and TCP Sequence Number
Prediction are using hand in hand (Excluding all the possible DoS, I am
purely talking penetrative breeches of security).

IP spoofing allows IP datagrams to be "authenticated" if source address
authentication is being used.
TCP Sequence number prediction, is used to hijack a TCP session, in which it
may be the case that the IP address (source) needs to be spoofed.

How is it the case then, is it possible to just use IP spoofing to penetrate
a system?  
I believe the confusion is that if a remote service on the destination
machine is available then one could send an IP datagram payload (spoofed as
a trusted machine) and get the remote service to, for example, add them to
the trusted host list et al.

Does any one have any in depth look at IP spoofing and using say
rsh(unix)/command shell(NT) or something like that ?

Cheers
r.
Richard Scott   
(I.S.) E-Commerce Team
*Tel: 001-(612)-995-5432
* Fax: 001-(612)-947-2005
* Best Buy World Headquarters
7075 Flying Cloud Drive
Eden Prairie, MN 55344 USA

This '|' is not a pipe

Current thread:

IP Spoofing Scott, Richard (Oct 02)
- Re: IP Spoofing Ivan Arce (Oct 05)
- <Possible follow-ups>
- Re: IP Spoofing trall (Oct 04)
- Re: IP Spoofing Ryan Russell (Oct 04)
- RE: IP Spoofing Scott, Richard (Oct 05)