On 14/11/15 22:16, Jim Starkey wrote: > While's it possible to fake the originator IP address with UDP, I don't > think it's possible with TCP.
The attacker simply uses the same IP address as a valid client ??? If the valid client is offline, that's a simple attack. However, chances are valid addresses are in the same subnet as the server. If they're not, there's probably no difference between TCP as UDP, because the reply still needs to get back to the attacker, and routing will fail/succeed based on the address, not the protocol. If the valid client is online, then I think behaviour is "undefined", but the attack is likely to either fail, or be noticed. However, even if it's noticed, it might well not (indeed probably won't) be recognised. Cheers, Wol ------------------------------------------------------------------------------ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
