Home page logo

basics logo Security Basics mailing list archives

From: Rooster <rooster () attrition org>
Date: Thu, 14 Nov 2002 09:41:43 -0500 (EST)

i believe you are asking if it is possible to hijack a TCP session.  is
this correct?  absolutely it is possible, it is just a matter of spoofing
the mechanics for maintaining the session, the syn/ack numbers.

let it be a lesson to you.  using a non security feature to provide you
with security is a very bad idea.  the sesion integrity feature of tcp was
never meant as a security measure, don't use it as such.

On Wed, 13 Nov 2002, Pablo Gietz wrote:

Dear list:
It's possible that a intruder could take active part of a TCP connection
after this was established?
In UPD I know this is true because is a connectionless protocol. But I have
doubts about TCP.

Pablo A. C. Gietz
Jefe de Seguridad Inform?tica
Nuevo Banco de Entre R?os S.A.
Te.: 0343 - 4201351

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]