Yes, google "TCP session hijacking".
The possibilities are limited by your access to the network path between the endpoints. If you have share a LAN with one of the endpoints you can poison the ARP cache of the endpoint and insert a "MAC-layer" proxy, if you can tap the ONLY link between routers, you can insert a PHY layer proxy. If you are attacking from some random point in the network, the hijack is dependent on your ability to predict the ports and sequence numbers -- and you won't receive anthing sent by either endpoint -- but the fact that they will accept anything you send as coming from the other endpoint can be enough for a successful attack. ========================== >> Dear list: >> It's possible that a intruder could take active part of a TCP connection >> after this was established? >> In UPD I know this is true because is a connectionless protocol. But I have >> doubts about TCP. >> Thanks >> Pablo A. C. Gietz >> Jefe de Seguridad Inform�tica >> Nuevo Banco de Entre R�os S.A. >> Te.: 0343 - 4201351 __________________________________________________________ Outgrown your current e-mail service? Get 25MB Storage, POP3 Access, Advanced Spam protection with LYCOS MAIL PLUS. http://login.mail.lycos.com/brandPage.shtml?pageId=plus&ref=lmtplus
