> Dear list: > It's possible that a intruder could take active part of a TCP > connection after this was established? > In UPD I know this is true because is a connectionless > protocol. But I have doubts about TCP.
Depending on the location of the attacker this would indeed be possible.
He/She's either needs to be able to trace the connection or be able to guess
values like port numbers, fragment ID's, timestamps etc.
But it is definitly possible.
Greetings,
Diederik
