Re: chaging your @home IP address... could you take a bunch of them....probably.

From: Bugtraq Mailing Lists (bugtraqat_private)
Date: Thu Feb 07 2002 - 13:34:21 PST

Next message: jon schatz: "Re: Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)"

Previous message: Michal Zalewski: "Re: ssh"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 7 Feb 2002, Bugtraq Mailing Lists wrote:

> > in my post I was not talking about @home, but cable lans in general.  Also
> > ingress will only filter ip addresses which don't exist in the lan, correct?
Correct.
>
> >   well if you spoof ip addresses that do exist on your lan you can then send
> > and recieve packets.
 Still won't work. You can attack people with it, but when your source IP
 header in TCP/IP packet is forged, the receiving end will reply to the
 forged address, in which physically does not exist. Therefore a
 complete connection will not be made in such a case. (Although the ingress
 filter will not notice that since the IP you are spoofing to is within the
 existing LAN subnet.)
>
>  > >
> _________________________________________________________________
> > Chat with friends online, try MSN Messenger: http://messenger.msn.com
> >
>
>

Next message: jon schatz: "Re: Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)"
Previous message: Michal Zalewski: "Re: ssh"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Feb 07 2002 - 13:59:50 PST