|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
christian.burri_at_synecta.ch
Date: Fri Aug 09 2002 - 03:05:45 CDT
<SNIP>
>
>No, you don't. If you spoof the IP, you wouldn't be able to get past
>the TCP handshake. If you don't have a connection, you couldn't send
>a wrong password and so you're unable to lock him out.
>
>It would be possible if you are in control of the public sites
>router, but not for everyone.
>
</SNIP>
I agree that a "true" spoofing of TCP isnt trivial, BUT:
What about SOCKS or HTTP proxies? Even the dumb takeover kiddies on
IRC know how to "spoof" theyr IPs with proxies. What about ./ any
shell provider box with a /16 subnet of IPs assigned? Oh woo.
Someone I know usually telnets off some cisco routers...
Just my two cents
Chris
-- To unsubscribe, e-mail: suse-security-unsubscribesuse.com For additional commands, e-mail: suse-security-help
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]