Re: Spoofed IP address

["crazy frog crazy frog" <i.m.crazy.frog () gmail com>]

Hi,
In some common MITM the attacker spoofs it original mac address like
in ARP poisioning.But changing ip is not that easy.
_CF
www.secgeeks.com


On 9/22/06, xun dong <xundong () cs york ac uk> wrote:
> Thanks everyone who read and answer my question.
>
> Given a scenario as below:
>
> When someone wants to launch a man-in-the-middle attack on the
> communication between the client and server. In order to make it more
> transparent(hard to discover) can the attacker pretended to has the same
> IP address as the server(when handling the communication with client
> end) while pretending to has the same IP address as the client(when
> handling the communication with server end). If it is possible, can you
> tell me your solutions.
>
> This is not used to generate real attacks, it is just a concern I come
> cross when designing a communication system.
>
> Thanks a lot.
>
> Xun Dong
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------


--
ting ding ting ding ting ding
ting ding ting ding ding
i m crazy frog :)
"oh yeah oh yeah...
another wannabe, in hackerland!!!"

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------