WebApp Sec mailing list archives

Re: IP Address Question


From: George Johnson <gjohnson () espgroup net>
Date: Thu, 25 Sep 2003 13:03:27 -0400

Robin,

Yes and No. No - not without a lot of other things going on in the background. TCP/IP sends the packets back to their originating address, so if you pretend to be a different IP, and send in an authentication request, the answer will go back to the place that you were pretending to be.

Yes - If you can hijack the owners of the originating address space or if you are on the same Ethernet segment (DNS cache poison, man-in-the-middle, etc...) then you can IP spoof. IP spoofing is generally done with half-open TCP connections (SYN floods, etc...) or with UDP attacks (DOS/DDOS attacks) which do not require the TCP/IP 3-way handshake.

Hope it helps.

George

Robin Fordham wrote:

OK, here's a question. Is it possible for a hacker to
impersonate an IP Address with regard to logging into
web applications? The Paros3.0 tool that I'm using to
test Session Hijacking does not let you change your IP
Address, but I wanted to know if it was actually
possible to do. It would help so that I can assess the
probability of a particular attack occurring.

Cheers

Robin


=====
---------------------------------------
Web Site: http://electricpiggy.com
E-mail: robin_fordham () yahoo com
ICQ: 15208257
---------------------------------------
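
Added example, not part of the original thread: a toy Python model of the point in George's reply, showing that the SYN-ACK goes to the claimed source address, so an off-path sender leaves only a half-open entry, while an on-path host or a UDP sender is not stopped by the handshake. `ToyServer`, `handshake` and the documentation-range addresses are hypothetical names and values chosen for illustration; this is not a real TCP stack.

```python
import secrets

MOD = 2**32

class ToyServer:
    """Toy model of a listener; not a real TCP stack."""
    def __init__(self):
        self.half_open = {}       # (claimed_ip, port) -> server ISN awaiting final ACK
        self.established = set()  # peers that completed the 3-way handshake
        self.udp_seen = []        # claimed sources of UDP datagrams (no handshake)

    def on_syn(self, claimed_ip, port):
        isn = secrets.randbits(32)
        self.half_open[(claimed_ip, port)] = isn
        # The SYN-ACK is addressed to the claimed source, not to whoever sent the SYN.
        return {"dst": claimed_ip, "seq": isn}

    def on_ack(self, claimed_ip, port, ack):
        isn = self.half_open.get((claimed_ip, port))
        if isn is None or ack != (isn + 1) % MOD:
            return False
        del self.half_open[(claimed_ip, port)]
        self.established.add((claimed_ip, port))
        return True

    def on_udp(self, claimed_ip, payload):
        self.udp_seen.append(claimed_ip)  # accepted on the first packet
        return True


def handshake(server, claimed_ip, sender_ip, on_path=False, port=40000):
    """True if sender_ip completes a TCP handshake while claiming claimed_ip."""
    synack = server.on_syn(claimed_ip, port)
    # Delivery follows the destination address; an on-path host can also read it.
    sees_reply = synack["dst"] == sender_ip or on_path
    # Without the SYN-ACK the sender does not know the ISN it must acknowledge.
    ack = (synack["seq"] + 1) % MOD if sees_reply else None
    return server.on_ack(claimed_ip, port, ack)


if __name__ == "__main__":
    srv = ToyServer()
    owner, other = "192.0.2.10", "198.51.100.7"  # constructed sample addresses
    print("honest client:      ", handshake(srv, owner, owner))
    print("off-path, spoofed:  ", handshake(srv, owner, other, port=40001))
    print("on-path, spoofed:   ", handshake(srv, owner, other, on_path=True, port=40002))
    print("half-open entries:  ", len(srv.half_open))
    print("UDP, spoofed source:", srv.on_udp(owner, b"x"))
```

For a web application this means a source address seen on a completed TCP connection is only as trustworthy as the network path between client and server.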
