Re: RE: Session & IP Spoofing

From: Nexus (nexus@patrol.i-way.co.uk)
Date: Thu Dec 04 2003 - 10:46:21 EST

• Next message: Marco Ivaldi: "Re: john the ripper"
• Previous message: MARTIN M. Bénoni: "RE: RE: Session & IP Spoofing"
• In reply to: pire pire: "RE: RE: Session & IP Spoofing"
• Next in thread: Frank Knobbe: "Re: RE: Session & IP Spoofing"
• Reply: Frank Knobbe: "Re: RE: Session & IP Spoofing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

----- Original Message -----
From: "pire pire" <pirepire69@romandie.com>
To: <MThompson@brinkster.com>; <pen-test@securityfocus.com>
Sent: Thursday, December 04, 2003 9:54 AM
Subject: RE: RE: Session & IP Spoofing

> No I don't care about the return traffic! All I
> need is to sen I GET request with a spoofed IP!

But you would also need to spoof the TCP 3-way handshake before you can even
send the HTTP GET request, which is um..... non-trivial ;-)

Cheers.

---------------------------------------------------------------------------
----------------------------------------------------------------------------

• Next message: Marco Ivaldi: "Re: john the ripper"
• Previous message: MARTIN M. Bénoni: "RE: RE: Session & IP Spoofing"
• In reply to: pire pire: "RE: RE: Session & IP Spoofing"
• Next in thread: Frank Knobbe: "Re: RE: Session & IP Spoofing"
• Reply: Frank Knobbe: "Re: RE: Session & IP Spoofing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:43 EDT