Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: DNS spoofing issue. Thoughts on potential exploits
From: list-fulldisclosure () pwns ms
Date: Thu, 24 Jul 2008 22:06:30 +0000

What is always required is a machine where the user has the ability to write
packets to the network with any IP. This usually means super user access.
It is difficult in most cases to send udp packets with forged IP since
routers will not accept them. That is why it is difficult to conduct an
attack against a random target.

Spoofing one's IP is trivial; there is no - NO - source address checking at the major transit providers; good thing 
too, it would break lots of things (it's possible - and common - to send packets out to a transit provider with a 
source IP address that you have *not* announced to them).

Good ISPs tend to check the source address of single-homed customers; plenty of ISPs don't.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]