mailing list archives
Re: IP Session Hijacking And Spoofing
From: Svetoslav Gyurov <sve () pzmail org>
Date: Tue, 26 Nov 2002 00:11:09 +0200 (EET)
Yes but some or most of the routers in Internet are denying source routing
in packet headers for security reasons, then what ? The best way leaves
"man in middle" ?!
And about sequence numbers, every distro is using different algorithms
about generating them, isn't they ?
On Fri, 22 Nov 2002, simsjs wrote:
With IP Spoofing there is no need to guess the sequence number since there is no session currently open with that IP
address. The way that the traffic would get back to you is by using source routing. This is where you tell the
network how to route the output and input from a session, then you simply sniff it from the network as it passes by
you. But you have to make sure you put in a route that will both reach its destination and pass through your own
As far as guessing the sequence numbering for session high-jacking, I really have no idea, but there are programs
that will attempt to guess these for you. The one I am thinking of (whose name escapes me at the time) will allow you
to watch a session, reset a session, or hijack it.
Hope some of this helps.
Best regards, sve