You can do some nasty things by sending a machine packets with the source of 127.0.0.1, but establishing a TCP connection isn't one of them.
I'm afraid you're wrong. I don't know if this is the case, but spoofing the source address to establish a TCP connection is a well-known attack technique. Granted, it's not an easy one (excluding when used with some OSes), but it's possible (and nmap itself has options to check a particular system weakness in respect to source address spoofing, namely -O -v).
Yes, nmap has an option which tells you how difficult it is to hijack a connection. Yes, you can initiate a connection with a spoofed address, but that connection cannot be made with 127.0.0.1.
This is way way off topic, but I don't expect you to believe me, so I'll explain why. When you initiate a TCP connection, you send a packet to the destination with only the SYN flag set. The host that receives the packet will determine whether the destination port is open, and in the absence of additional constraints, send back a packet with the SYN and ACK flags set. This packet will be sent using the host's routing table, unless you are able to attack it using ICMP redirect packets (which is what nmap is reporting). You will not, however, be able to redirect traffic to interfaces local to the machine. When the destination host sends its SYN/ACK packet, it will be received and processed locally, and rejected because it does not relate to a connection initiated there.
courier-users mailing list
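A defender-side check for the kind of packet this thread discusses, added here as an example and not part of the original messages: it flags IPv4 packets that arrive on a non-loopback interface carrying a 127.0.0.0/8 source address. The interface name `lo`, the helper names and the sample addresses are assumptions, and the capture is constructed.

```python
import ipaddress
import socket
import struct

LOOPBACK_NET = ipaddress.ip_network("127.0.0.0/8")
LOOPBACK_IFACE = "lo"  # assumption: Linux-style loopback interface name
SYN = 0x02

def build_ipv4_tcp(src, dst, sport, dport, flags):
    """Build a minimal IPv4+TCP packet (checksums left at 0; sample data only)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64,
                     socket.IPPROTO_TCP, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp

def classify(packet, iface):
    """Return 'malformed', 'martian-loopback-source' or 'ok' for a raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "malformed"
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return "malformed"
    src = ipaddress.ip_address(packet[12:16])
    # A 127.0.0.0/8 source is only legitimate on the loopback interface.
    if src in LOOPBACK_NET and iface != LOOPBACK_IFACE:
        return "martian-loopback-source"
    return "ok"

def scan(captures):
    """Return (iface, src, dst, is_syn_only) for every martian packet."""
    findings = []
    for iface, pkt in captures:
        if classify(pkt, iface) != "martian-loopback-source":
            continue
        ihl = (pkt[0] & 0x0F) * 4
        is_tcp = pkt[9] == socket.IPPROTO_TCP and len(pkt) >= ihl + 14
        syn_only = is_tcp and (pkt[ihl + 13] & 0x3F) == SYN
        findings.append((iface, socket.inet_ntoa(pkt[12:16]),
                         socket.inet_ntoa(pkt[16:20]), syn_only))
    return findings

# Constructed sample capture: (receiving interface, raw packet).
SAMPLE = [
    ("eth0", build_ipv4_tcp("198.51.100.7", "192.0.2.10", 40000, 25, SYN)),
    ("eth0", build_ipv4_tcp("127.0.0.1", "192.0.2.10", 40001, 25, SYN)),
    ("lo", build_ipv4_tcp("127.0.0.1", "127.0.0.1", 40002, 25, SYN)),
]
```

Only the second sample packet is reported: a loopback source seen on `eth0`, with the SYN flag alone set.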
