Bugtraq mailing list archives

Re: IP SmartSpoofing : How to bypass all IP filters relying on source IP address
From: "Ossian Vitek" <ian.Vitek () ixsecurity com>
Date: Thu, 31 Oct 2002 20:44:36 +0100



The only new thing is that the attacker relays the packets from the trusted
client.
This is not needed for the spoof.
The solution in the Defcon 8 presentation is far easier.
You do not need to arpspoof and NAT.
* Spoof trusted client on the same LAN:
  Just take the MAC and IP of the trusted host.
* Spoof an upstream trusted client:
  Just take the MAC of the upstream router and the IP of the
  trusted client.

Defcon 8:
http://www.defcon.org/html/defcon-8/defcon-8-post.html
Read "Full Connection Vanilla IP-Spoof" in the presentation at:
http://www.wittys.com/files/defcon_vitek.ppt

All responses containing:
1: "But on a switched environment ..."
2: "But if you take same MAC as the ..."
will be redirected to /dev/null

//Ian Vitek, iXsecurity
mailto:ian.vitek () ixsecurity com





Hi,

In an article available at
http://www.althes.fr/ressources/avis/smartspoofing.htm, we describe a new
technique for spoofing an IP address using ARP cache poisoning and network
translation. IP smart spoofing allows running any application with a
spoofed IP address and thus bypassing many access controls based on source IP
address. As a result, we will explain why IP based access control is not
reliable on firewalls, routers or applications.


Regards,

Laurent Licour (llicour () althes fr) & Vincent Royer (vroyer () althes fr)
http://www.althes.fr
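
A defender-side view of the two cases listed in the reply above, as an added example that is not part of the original thread: a borrowed MAC leaves a trace in which switch port each source MAC is seen on. The observation format, port names and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of (switch_port, source_mac, source_ip) sightings.
# MACs, IPs and port names are made up for illustration.
ROUTER_MAC = "00:00:5e:00:53:01"
UPLINK_PORT = "gi0/1"
SAMPLE = [
    ("gi0/1", "00:00:5e:00:53:01", "198.51.100.7"),  # routed traffic via uplink
    ("gi0/2", "00:00:5e:00:53:10", "192.0.2.10"),    # trusted host on its port
    ("gi0/3", "00:00:5e:00:53:20", "192.0.2.20"),    # ordinary host
    ("gi0/5", "00:00:5e:00:53:10", "192.0.2.10"),    # same MAC and IP, second port
    ("gi0/6", "00:00:5e:00:53:01", "198.51.100.7"),  # router MAC on access port
]


def find_spoof_indicators(observations, router_mac, uplink_port):
    """Flag the two cases from the post; returns sorted (kind, ports, ips)."""
    seen = defaultdict(lambda: defaultdict(set))  # mac -> port -> {ips}
    for port, mac, ip in observations:
        seen[mac.lower()][port].add(ip)

    findings = []
    for mac, by_port in seen.items():
        if mac == router_mac.lower():
            # Upstream case: the router's MAC should source frames only on
            # the uplink; on any other port it is being borrowed.
            for port in sorted(set(by_port) - {uplink_port}):
                findings.append(
                    ("router_mac_on_access_port", port, sorted(by_port[port])))
        elif len(by_port) > 1:
            # Same-LAN case: a host's MAC (with its IP) appears on a second port.
            ips = sorted(set().union(*by_port.values()))
            findings.append(
                ("mac_on_multiple_ports", ",".join(sorted(by_port)), ips))
    return sorted(findings)


if __name__ == "__main__":
    for kind, ports, ips in find_spoof_indicators(SAMPLE, ROUTER_MAC, UPLINK_PORT):
        print(f"{kind}: port(s) {ports}, source IP(s) {', '.join(ips)}")
```

A host that legitimately moves between ports produces the same `mac_on_multiple_ports` finding, so hits are leads to correlate with time windows rather than verdicts.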




