Penetration Testing mailing list archives

RE: RE: Session & IP Spoofing


From: "Scovetta, Michael V" <Michael.Scovetta () ca com>
Date: Thu, 4 Dec 2003 18:30:06 -0500

True, but the handshake can be spoofed if you're not on a
secure O/S. Michal Zalewski wrote a very good paper on sequence
number prediction:
   http://razor.bindview.com/publish/papers/tcpseq.html

and that's really all you need to spoof it, and maybe
a router on your end that doesn't care about the source
IPs being incorrect.

Michael Scovetta


-----Original Message-----
From: Nexus [mailto:nexus () patrol i-way co uk]
Sent: Thursday, December 04, 2003 10:46 AM
To: pire pire; pen-test () securityfocus com
Subject: Re: RE: Session & IP Spoofing



----- Original Message ----- 
From: "pire pire" <pirepire69 () romandie com>
To: <MThompson () brinkster com>; <pen-test () securityfocus com>
Sent: Thursday, December 04, 2003 9:54 AM
Subject: RE: RE: Session & IP Spoofing


No I don't care about the return traffic! All I
need is to send a GET request with a spoofed IP!

But you would also need to spoof the TCP 3-way handshake before you can even
send the HTTP GET request, which is um..... non-trivial ;-)

Cheers.
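
The thread turns on whether a host's initial sequence numbers (ISNs) can be predicted. The sketch below is an added example, not code from any of the posters: it contrasts a constructed fixed-increment generator with the RFC 6528 scheme (ISN = M + F(4-tuple, secret)) and applies a simple audit check to a sample of ISNs. The function names, addresses, key and the choice of HMAC-SHA256 for F are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

MASK = 0xFFFFFFFF  # TCP sequence numbers are 32-bit and wrap

def legacy_isn(conn_number, step=64000):
    """Constructed model of a weak stack: ISN grows by a fixed step per connection."""
    return (conn_number * step) & MASK

def rfc6528_isn(secret, src, sport, dst, dport, clock_us):
    """RFC 6528: ISN = M + F(localip, localport, remoteip, remoteport, secretkey).
    M is a 4-microsecond timer; F here is HMAC-SHA256 truncated to 32 bits (assumption)."""
    four_tuple = f"{src}:{sport}>{dst}:{dport}".encode()
    digest = hmac.new(secret, four_tuple, hashlib.sha256).digest()
    f = struct.unpack(">I", digest[:4])[0]
    m = (clock_us // 4) & MASK
    return (m + f) & MASK

def deltas(isns):
    """Differences between successive ISNs, modulo 2**32."""
    return [(b - a) & MASK for a, b in zip(isns, isns[1:])]

def next_isn_guessable(isns):
    """Audit check: True when every observed delta is identical, so the next
    ISN follows directly from the last one seen."""
    return len(set(deltas(isns))) == 1

def sample_legacy(n=8):
    return [legacy_isn(i) for i in range(1, n + 1)]

def sample_rfc6528(secret, n=8):
    # Constructed sample: same server, a different client port per connection,
    # 1000 microseconds apart. Addresses are documentation ranges.
    return [rfc6528_isn(secret, "192.0.2.10", 40000 + i, "198.51.100.5", 80, 1000 * i)
            for i in range(n)]

if __name__ == "__main__":
    key = b"constructed-demo-key"
    print("legacy deltas :", deltas(sample_legacy()))
    print("legacy guessable  :", next_isn_guessable(sample_legacy()))
    print("rfc6528 deltas:", deltas(sample_rfc6528(key)))
    print("rfc6528 guessable :", next_isn_guessable(sample_rfc6528(key)))
```

With the keyed scheme, an observer who opens its own connections learns nothing useful about the ISN another 4-tuple will receive, which is the property a "secure O/S" in the sense used above provides.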

