Spoofing

[Titan <titan () blader com>]

Hello fellows,

  As sometime you were discussing about Spoofing, and someone mentioned
about many kinds of Spoofing, ex. TCP, UDP, IP, etc.. just would like to
know exactly which protocols are spoof-able and if there are any papers
or books about each of them. 

  Recently posted on BugTraq, about the VNC security, the guy mentioned
about the vulnerabilites:

<quote>

- Session hijacking, once the session is established it might be
  hijacked using ARP spoofing, ICMP Redirects, BGP Injection,
  RIP spoofing or any other redirection method. All standard
  TCP sequence prediction problems apply.

- Man-in-the-middle attacks: Evil Attacker(tm) fools the client
  to connect to him/her instead of the actual server (via DNS
  spoofing or any of the spoofs above, however, we do not need
  to do TCP sequence prediction at all), connects to the server,
  gets the random challenge, sends the challenge to the client,
  gets the response from the client and passes it to the server.
  Voila! Straight authenticated connection from attacker to server.

- Actually, both above attacks are a lot easier to do if all
  involved parties are on the same LAN, so your network security
  depends on the definition of the word "trusted" :)

</quote> 

  Just wonder some documents/texts/books that relate carefuly about all
this mentioned above... if anyone knows, I'd be grateful to know about
it.

Thanks in advance,

Titan
WOOHOO!