[NTLUG:Discuss] How does 'ip address spoofing work'?
Jack Snodgrass
jack+ntlug at mylinuxguy.net
Sat Jul 5 12:49:53 CDT 2003
On Sat, 05 Jul 2003 12:42:23 -0500, Kelledin wrote:
> As for IP address spoofing, it's quite simple how it works,
> once you understand that when a remote system sends data to your
> system, it's up to that remote system to tell you what its IP
> address is. Lying about its IP address is trivial; it often
> just involves modifying a four- or six-byte field in a packet
> header and regenerating the packet checksum. Consistently and
> accurately detecting when a remote system does this is well nigh
> impossible.
... just to confirm... if I send out a packet with someone
elses IP Address... ( spoofing ) it's going to get to you,
but it's not going to come back to me since it has someone
elses IP Address. It's going to get routed to them and they
will drop it since it didn't come from them... right?
jack
More information about the Discuss
mailing list