Firewall Wizards mailing list archives

RE: IP Spoofing.

From: "Kurt Buff" <kurtbuff () lightmail com>
Date: Wed, 29 Sep 1999 21:08:56 -0700

Better yet, try this:

http://www.amazon.com/exec/obidos/ASIN/0735708681/o/qid=938664234/sr=8-1/002
-9336378-0534254

Network Intrusion Detection: An Analyst's Handbook - Stephen Northcutt

Chapter 1 describes Mitnick's compromise of Shimomura's system via Syn
flooding and IP spoofing.

I've only just started chapter 2, but it looks good so far. If you do a
search on Amazon with "network intrustion detection" as your set of
keywords, you'll turn up three hits immediately, including the one above.

Kurt

| -----Original Message-----
| From: owner-firewall-wizards () lists nfr net
| [mailto:owner-firewall-wizards () lists nfr net]On Behalf Of
| Carric Dooley
| Sent: Tuesday, September 28, 1999 10:07 AM
| To: Christopher C. Petro
| Cc: firewall-wizards () nfr net
| Subject: Re: IP Spoofing.
|
|
| Sorry, but your boss is wrong.  Get web ferret (it's free)
| and search for
| IP spoofing.  Why would they call it IP spoofing if you
| couldn't spoof an
| IP address?  You typicall have to do it blindly (thus the expression
| "blind spoofing"), IOW, you spoof a host, but do not get the
| response, you
| guess or assume the response and proceed accordingly.  Also look up
| session hi-jacking.
|
|
| Carric Dooley CNE
| COM2:Interactive Media
| http://www.com2usa.com
|
| "In theory, there is no difference between theory
| and practice. But, in practice, there is. "
|                       - Jan L.A. van de Snepscheut
|
| On Fri, 17 Sep 1999, Christopher C. Petro wrote:
|
| > Ok, this is probably not the kind of request that most of you will
| > want to answer, but I just got in an argument with my boss about IP
| > spoofing. He claims it is not possible to spoof an IP
| number, whilst
| > I am almost certain it is.
| >
| > Could anyone provide me with a link or pointer to
| information that I
| > could use to prove him wrong, or to information that proves
| me wrong?
| >
| > Thanks.
| > --
| > We have only come here seeking knowledge
| > Things they would not teach us of in college.--The Police
| >
| > http://www.atypon.com                              petro () atypon com
| >
|
|

Current thread:

Re: IP Spoofing., (continued)
- Re: IP Spoofing. William Stearns (Sep 19)
- Re: IP Spoofing. Tim Kramer (Sep 20)
- RE: IP Spoofing. Joseph Williams (Sep 20)
- Re: IP Spoofing. altellez (Sep 21)
- Re: IP Spoofing. Carric Dooley (Sep 28)
  - Re: IP Spoofing. Randy Witlicki (Sep 29)
    - Re: IP Spoofing. Paul D. Robertson (Sep 30)
    - Re: IP Spoofing. Peter J. Kunz (Sep 30)
    - Re: IP Spoofing. Ivan Arce (Sep 30)
    - Re: IP Spoofing. Emiliano Kargieman (Sep 30)
  - RE: IP Spoofing. Kurt Buff (Sep 30)
    - RE: IP Spoofing. Rick Smith (Sep 30)
- Re: IP Spoofing. Steven M. Bellovin (Sep 19)
- Re: IP Spoofing. Robert Graham (Sep 21)