Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> is run a script that launches lame attacks with spoofed IPs against a fusker site

How do you spoof your IP in TCP? If you spoof your source address you shouldn't be able to get past the handshake.



http://en.wikipedia.org/wiki/TCP_sequence_prediction_attack

You spoof the IP address you are sending from and then predict the TCP sequence number so you can make it look as though you are receiving the replies (even though they are going to another machine since you spoofed the IP address).

Such an attack was proposed by Hacker News' very own rtm: http://tools.ietf.org/html/rfc1948


Unfortunately for my original point, it looks like my info was waaaay out of date, and most OSs started using cryptographically random ISNs years ago.

My bad, sorry for the noise.

edit: I suppose this means it's time for me to finally discard my copy of Inside TCP/IP, third edition. :-(


Don't just throw it away; it's great for ergonomics. Most people's monitors are way too far below eye level.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: