WebApp Sec mailing list archives

RE: IP Address Question


From: "lj-news" <lj-news () umsys com>
Date: Thu, 25 Sep 2003 14:10:31 -0400

To effectively impersonate a remote IP and carry on a TCP session, I'm pretty sure either:
A> you have to be able to guess the sequence numbers and interact with the server completely blind (since you'll never get return traffic)
B> you have to be using a man-in-the-middle attack to intercept the return traffic or manipulate the return path

If that doesn't seem correct then someone please comment.

-LJ

-----Original Message-----
From: Robin Fordham [mailto:robin_fordham () yahoo com]
Sent: Thursday, September 25, 2003 12:11 PM
To: webappsec () securityfocus com
Subject: IP Address Question


OK, here's a question. Is it possible for a hacker to
impersonate an IP Address with regard to logging into
web applications? The Paros3.0 tool that I'm using to
test Session Hijacking does not let you change your IP
Address, but I wanted to know if it was actually
possible to do. It would help so that I can assess the
probability of a particular attack occurring.

Cheers

Robin


=====
---------------------------------------
Web Site: http://electricpiggy.com
E-mail: robin_fordham () yahoo com
ICQ: 15208257
---------------------------------------
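
Added example, not part of the original thread: a toy Python model of the server side of the TCP three-way handshake, showing why a sender forging a source IP must either guess the server's initial sequence number (case A) or see the return traffic (case B). The class and function names, the addresses and the sequence values are constructed for illustration, and the model assumes the server picks its 32-bit initial sequence number at random.

```python
import secrets

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around


class Server:
    """Toy model of the server half of the TCP three-way handshake."""

    def __init__(self, isn_source=lambda: secrets.randbelow(MOD)):
        self.isn_source = isn_source  # how the server picks its initial sequence number
        self.half_open = {}           # claimed source address -> (server ISN, client ISN)

    def on_syn(self, claimed_src, client_isn):
        server_isn = self.isn_source()
        self.half_open[claimed_src] = (server_isn, client_isn)
        # The SYN-ACK is addressed to the claimed source, wherever the SYN really came from.
        return {"deliver_to": claimed_src, "seq": server_isn, "ack": (client_isn + 1) % MOD}

    def on_ack(self, claimed_src, seq, ack):
        state = self.half_open.pop(claimed_src, None)  # a wrong ACK tears the attempt down
        if state is None:
            return False
        server_isn, client_isn = state
        # Established only if the ACK proves the sender saw the SYN-ACK.
        return seq == (client_isn + 1) % MOD and ack == (server_isn + 1) % MOD


def blind_attempt(server, spoofed_ip, guessed_server_isn):
    """Case A: the sender forges spoofed_ip and never receives the SYN-ACK."""
    client_isn = 1000  # constructed value
    server.on_syn(spoofed_ip, client_isn)  # reply goes to spoofed_ip, so it is not seen here
    return server.on_ack(spoofed_ip, (client_isn + 1) % MOD, (guessed_server_isn + 1) % MOD)


def on_path_attempt(server, spoofed_ip):
    """Case B: the sender can read traffic addressed to spoofed_ip."""
    client_isn = 1000  # constructed value
    syn_ack = server.on_syn(spoofed_ip, client_isn)
    return server.on_ack(spoofed_ip, syn_ack["ack"], (syn_ack["seq"] + 1) % MOD)


if __name__ == "__main__":
    srv = Server()
    print("blind, random ISN:", blind_attempt(srv, "192.0.2.10", secrets.randbelow(MOD)))
    print("on-path:", on_path_attempt(srv, "192.0.2.10"))
    print("chance per blind guess:", 1 / MOD)
```
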


