Hi all, I believe that it is the case that IP Spoofing and TCP Sequence Number Prediction are using hand in hand (Excluding all the possible DoS, I am purely talking penetrative breeches of security). IP spoofing allows IP datagrams to be "authenticated" if source address authentication is being used. TCP Sequence number prediction, is used to hijack a TCP session, in which it may be the case that the IP address (source) needs to be spoofed. How is it the case then, is it possible to just use IP spoofing to penetrate a system? I believe the confusion is that if a remote service on the destination machine is available then one could send an IP datagram payload (spoofed as a trusted machine) and get the remote service to, for example, add them to the trusted host list et al. Does any one have any in depth look at IP spoofing and using say rsh(unix)/command shell(NT) or something like that ? Cheers r. Richard Scott (I.S.) E-Commerce Team *Tel: 001-(612)-995-5432 * Fax: 001-(612)-947-2005 * Best Buy World Headquarters 7075 Flying Cloud Drive Eden Prairie, MN 55344 USA This '|' is not a pipe
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:42:09 PDT