RE: RE: Session & IP Spoofing

From: Scovetta, Michael V (Michael.Scovetta@ca.com)
Date: Thu Dec 04 2003 - 18:30:06 EST


True, but the handshake can be spoofed if you're not on a
secure O/S. Michal Zalewski wrote a very good paper on sequence
number prediction:
   http://razor.bindview.com/publish/papers/tcpseq.html

and that's really all you need to spoof it, and maybe
a router on your end that doesn't care about the source
IPs being incorrect.

Michael Scovetta

-----Original Message-----
From: Nexus [mailto:nexus@patrol.i-way.co.uk]
Sent: Thursday, December 04, 2003 10:46 AM
To: pire pire; pen-test@securityfocus.com
Subject: Re: RE: Session & IP Spoofing

----- Original Message -----
From: "pire pire" <pirepire69@romandie.com>
To: <MThompson@brinkster.com>; <pen-test@securityfocus.com>
Sent: Thursday, December 04, 2003 9:54 AM
Subject: RE: RE: Session & IP Spoofing

> No, I don't care about the return traffic! All I
> need is to send a GET request with a spoofed IP!

But you would also need to spoof the TCP 3-way handshake before you can even
send the HTTP GET request, which is um..... non-trivial ;-)

Cheers.

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:43 EDT