Yes but some or most of the routers in Internet are denying source routing in packet headers for security reasons, then what ? The best way leaves "man in middle" ?!
And about sequence numbers, every distro is using different algorithms about generating them, isn't they ? On Fri, 22 Nov 2002, simsjs wrote: > With IP Spoofing there is no need to guess the sequence number since there is no >session currently open with that IP address. The way that the traffic would get back >to you is by using source routing. This is where you tell the network how to route >the output and input from a session, then you simply sniff it from the network as it >passes by you. But you have to make sure you put in a route that will both reach its >destination and pass through your own network. > > As far as guessing the sequence numbering for session high-jacking, I really have no >idea, but there are programs that will attempt to guess these for you. The one I am >thinking of (whose name escapes me at the time) will allow you to watch a session, >reset a session, or hijack it. > > Hope some of this helps. > > Jeff > Best regards, sve
