On 11/14/2015 6:21 PM, Wols Lists wrote:
> On 14/11/15 22:16, Jim Starkey wrote:
>> While it's possible to fake the originator IP address with UDP, I don't
>> think it's possible with TCP.
> The attacker simply uses the same IP address as a valid client ???
>
> If the valid client is offline, that's a simple attack. However, chances
> are valid addresses are in the same subnet as the server. If they're
> not, there's probably no difference between TCP and UDP, because the
> reply still needs to get back to the attacker, and routing will
> fail/succeed based on the address, not the protocol.

I said UDP because it's a one way datagram that doesn't get a response. A TCP connection request requires a response that will not go to the attacker and the connection will not be established.

> If the valid client is online, then I think behaviour is "undefined",
> but the attack is likely to either fail, or be noticed. However, even if
> it's noticed, it might well not (indeed probably won't) be recognised.
>
> Cheers,
> Wol

------------------------------------------------------------------------------
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
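
The two positions in this thread can be put side by side in a small model. This is an added example, not part of the original messages and not Firebird code; the Server class, the spoof_attempt helper and the 10.0.0.x addresses are constructed for illustration, and the network is reduced to one question: does the server's reply reach the sender or not.

```python
import secrets

class Server:
    """Toy server that authorises peers by source address only (assumption)."""

    def __init__(self, allowed):
        self.allowed = set(allowed)   # addresses the server trusts
        self.pending = {}             # src -> ISN sent in our SYN-ACK
        self.established = set()      # peers that completed the handshake
        self.udp_accepted = []        # datagrams accepted on address alone

    def on_udp(self, src, payload):
        # One-way datagram: nothing proves the sender can receive at src.
        if src in self.allowed:
            self.udp_accepted.append((src, payload))

    def on_syn(self, src):
        # The SYN-ACK is addressed to src, whoever really sent the SYN.
        if src not in self.allowed:
            return None
        isn = secrets.randbits(32)
        self.pending[src] = isn
        return {"dst": src, "type": "SYN-ACK", "seq": isn}

    def on_ack(self, src, ack):
        # The handshake completes only if the peer echoes our ISN + 1.
        isn = self.pending.pop(src, None)
        if isn is not None and ack == (isn + 1) % 2**32:
            self.established.add(src)

def spoof_attempt(server, claimed_src, reply_reaches_sender):
    """Return (udp_accepted, tcp_established) for a sender claiming claimed_src."""
    server.on_udp(claimed_src, b"request")
    udp_ok = (claimed_src, b"request") in server.udp_accepted
    syn_ack = server.on_syn(claimed_src)
    if syn_ack and reply_reaches_sender:
        # Routing delivers the reply to the sender, so it learns the ISN.
        server.on_ack(claimed_src, (syn_ack["seq"] + 1) % 2**32)
    # Otherwise the SYN-ACK goes to the real owner of the address; the
    # sender has no ISN to echo and the entry in pending stays half-open.
    return udp_ok, claimed_src in server.established

if __name__ == "__main__":
    for reaches in (False, True):
        srv = Server({"10.0.0.5"})    # constructed trusted client address
        print(reaches, spoof_attempt(srv, "10.0.0.5", reaches))
```

In both runs the datagram is accepted on the address alone; the TCP result differs only in whether the reply reaches the sender, which is the routing condition raised above.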