Home page logo

pen-test logo Penetration Testing mailing list archives

Re: RE: Session & IP Spoofing
From: Frank Knobbe <frank () knobbe us>
Date: Thu, 04 Dec 2003 18:41:09 -0600

On Thu, 2003-12-04 at 09:46, Nexus wrote:
But you would also need to spoof the TCP 3-way handshake before you can even
send the HTTP GET request, which is um..... non-trivial ;-)

I thought that IIS servers don't need the 3-way handshake. Isn't IE
cheating by trying to send regular ACKed data packets in order to speed
up the connection with the IIS webserver? (and falls back to TCP 3-way
when it doesn't get a response, as is pretty much the case with all
standards abiding web servers).

So IIS servers may be more vulnerable against those spoofing attacks
then, say, Apache servers. 

(and if that is the case -- testing required here -- then it's just
another one of those situations where Microsoft ignores a standard,
tries to cheat in favor of performance, and gets bitten with a
vulnerability in the end...)


Attachment: signature.asc
Description: This is a digitally signed message part

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]