Session hijacking, source-routes

From: Ken Hardy (ken@bridge.com)
Date: Wed Feb 10 1999 - 07:44:57 PST

    Can a TCP session be hijacked if the target system rejects
    source-routed IP packets?
    
    If I understand the process correctly, the attacker quells the
    legitimate client with a DOS attack and gets the server to
    route the packets to himself instead after having observed the
    proper sequence numbers to use.  (No real significance to use
    of client/server here -- could work against either end of the
    TCP connection.)
    
    If my f/w rejects all source-routed packets, are its connections
    immune to session hijacking, or does this (or can this) work
    another way?
    
    --
    KH
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:21:31 PDT