Hello fellows, As sometime you were discussing about Spoofing, and someone mentioned about many kinds of Spoofing, ex. TCP, UDP, IP, etc.. just would like to know exactly which protocols are spoof-able and if there are any papers or books about each of them. Recently posted on BugTraq, about the VNC security, the guy mentioned about the vulnerabilites: <quote> - Session hijacking, once the session is established it might be hijacked using ARP spoofing, ICMP Redirects, BGP Injection, RIP spoofing or any other redirection method. All standard TCP sequence prediction problems apply. - Man-in-the-middle attacks: Evil Attacker(tm) fools the client to connect to him/her instead of the actual server (via DNS spoofing or any of the spoofs above, however, we do not need to do TCP sequence prediction at all), connects to the server, gets the random challenge, sends the challenge to the client, gets the response from the client and passes it to the server. Voila! Straight authenticated connection from attacker to server. - Actually, both above attacks are a lot easier to do if all involved parties are on the same LAN, so your network security depends on the definition of the word "trusted" :) </quote> Just wonder some documents/texts/books that relate carefuly about all this mentioned above... if anyone knows, I'd be grateful to know about it. Thanks in advance, Titan WOOHOO!
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:43:44 PDT