Firewall Wizards mailing list archives

Re: Session hijacking, source-routes


From: Bennett Todd <bet () newritz mordor net>
Date: Wed, 10 Feb 1999 19:03:05 +0000

1999-02-10-15:44:57 Ken Hardy:
Can a TCP session be hijacked if the target system rejects
source-routed IP packets?

I'd expect so. Other ways to hijack a session that come to mind immediately
would include compromising another host on the same net as the legitimate
client, or compromising a host on any of the nets that the traffic normally
traverses to get to the legitimate client, or any of the routers on that path,
or any other router that any of those routers trusts to feed it routing
information. But I'm not a low-level networking guru, so I'm sure there are
many other ways :-).

Session encryption, that's the way to protect sessions from being hijacked. In
a distributed environment when you don't have complete control over all the
comm links between the endpoints, end-to-end encryption is the only way to
ensure the safety of the traffic.

-Bennett


