this is why shitty tcp-ip stacks (with guessable sequences/etc) are a
problem. Plus let's say I have two boxes, I spoof connection from A (make it
appear from B), if someone complains about B I go "I didn't do it, here, I
can proove it, my isp now monitors that stuff outgoing!". Or let's say you
have access to a bunch of computers on a hub network (sound familiar?) I can
just spoof one of the other IP's, or using dsniff hijack arp/ip's/etc.
TCP-IP doesn't even think about security.
Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://www.seifried.org/security/
----- Original Message -----
From:
I did not know that it is possible to forge IP address in stream connections - it is required for handshake.
- Alexey.
{ http://trelony.cjb.net/ } Alexey N. Solofnenko { http://www.inventigo.com/ } Inventigo LLC Pleasant Hill, CA (GMT-8 usually)
------------------------------------------------- This mail sent through IMP: https://mail.inventigo.com/horde/imp/
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com