> What is always required is a machine where the user has the ability to write > packets to the network with any IP. This usually means super user access. > It is difficult in most cases to send udp packets with forged IP since > routers will not accept them. That is why it is difficult to conduct an > attack against a random target.
Spoofing one's IP is trivial; there is no - NO - source address checking at the major transit providers; good thing too, it would break lots of things (it's possible - and common - to send packets out to a transit provider with a source IP address that you have *not* announced to them). Good ISPs tend to check the source address of single-homed customers; plenty of ISPs don't. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
