Re: RE: Session & IP Spoofing

From: Nexus (nexus_at_patrol.i-way.co.uk)
Date: 12/04/03

Next message: Marco Ivaldi: "Re: john the ripper"

Previous message: MARTIN M. Bénoni: "RE: RE: Session & IP Spoofing"
In reply to: pire pire: "RE: RE: Session & IP Spoofing"
Next in thread: Frank Knobbe: "Re: RE: Session & IP Spoofing"
Reply: Frank Knobbe: "Re: RE: Session & IP Spoofing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "pire pire" <pirepire69@romandie.com>, <pen-test@securityfocus.com>
Date: Thu, 4 Dec 2003 15:46:21 -0000

----- Original Message -----
From: "pire pire" <pirepire69@romandie.com>
To: <MThompson@brinkster.com>; <pen-test@securityfocus.com>
Sent: Thursday, December 04, 2003 9:54 AM
Subject: RE: RE: Session & IP Spoofing

> No I don't care about the return traffic! All I
> need is to sen I GET request with a spoofed IP!

But you would also need to spoof the TCP 3-way handshake before you can even
send the HTTP GET request, which is um..... non-trivial ;-)

Cheers.

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Next message: Marco Ivaldi: "Re: john the ripper"

Previous message: MARTIN M. Bénoni: "RE: RE: Session & IP Spoofing"
In reply to: pire pire: "RE: RE: Session & IP Spoofing"
Next in thread: Frank Knobbe: "Re: RE: Session & IP Spoofing"
Reply: Frank Knobbe: "Re: RE: Session & IP Spoofing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: AJAX request hangs for 5 minutes
... one TCP packet to send." ... Applications present data to the stack. ... data is assembled into TCP segments. ... implementations to usually send the request as two or more segments. ...
(comp.lang.javascript)
Re: AJAX request hangs for 5 minutes
... It is relevant to the quotation I was referring to, for at least three TCP ... initial SYN and the ACK of the server's SYN. ... In theory, the client could send the request with that ACK, but this ...
(comp.lang.javascript)
Re: PPP over UDP
... Suppose a packet gets lost on the lower level TCP. ... notice that a packet has been lost and send a retransmit request. ...
(comp.os.linux.security)
Re: Code Red Doesnt care about TCP sessions?
... Code Red Doesn't care about TCP sessions? ... Below is an attempt to reach port 80 on a windows machine running ... so it never sent the GET request. ... TCP Options => MSS: 1460 NOP NOP SackOK ...
(Incidents)
Re: MAXLINKS of SERVER and STATS server question?
... MAXLINKS is for SERVER $RECEIVE QUEUE(for different TCP). ... If SERVER is not exceed MAXLINKS, different request of TCP put into ...
(comp.sys.tandem)