Penetration Testing mailing list archives
Re: RE: Session & IP Spoofing
From: "Nexus" <nexus () patrol i-way co uk>
Date: Thu, 4 Dec 2003 15:46:21 -0000
----- Original Message ----- From: "pire pire" <pirepire69 () romandie com> To: <MThompson () brinkster com>; <pen-test () securityfocus com> Sent: Thursday, December 04, 2003 9:54 AM Subject: RE: RE: Session & IP Spoofing
No I don't care about the return traffic! All I need is to sen I GET request with a spoofed IP!
But you would also need to spoof the TCP 3-way handshake before you can even send the HTTP GET request, which is um..... non-trivial ;-) Cheers. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Session & IP Spoofing pire pire (Dec 03)
- Re: Session & IP Spoofing Stephen de Vries (Dec 03)
- <Possible follow-ups>
- RE: Session & IP Spoofing Micheal Thompson (Dec 03)
- RE: Session & IP Spoofing Scovetta, Michael V (Dec 03)
- RE: RE: Session & IP Spoofing pire pire (Dec 04)
- Re: RE: Session & IP Spoofing Nexus (Dec 04)
- Re: RE: Session & IP Spoofing Frank Knobbe (Dec 06)
- RE: RE: Session & IP Spoofing Rob Shein (Dec 06)
- Re: RE: Session & IP Spoofing Nexus (Dec 04)
- RE: RE: Session & IP Spoofing MARTIN M. Bénoni (Dec 04)
- RE: RE: Session & IP Spoofing Micheal Thompson (Dec 06)
- RE: RE: Session & IP Spoofing Scovetta, Michael V (Dec 06)