I think it depends... I know for sure that ettercap (on linux) can
hijack a tcp connection and inject whatever data the intruder wants
(it's child's play for instance to hijack a telnet to a router and send
back to the operator fake answers from the router)...
But in order to do that it has to
Yes,
google TCP session hijacking.
The possibilities are limited by your access to the network path between the endpoints.
If you have share a LAN with one of the endpoints you can poison the ARP cache of the
endpoint and insert a MAC-layer proxy, if you can tap the ONLY link between routers,
i believe you are asking if it is possible to hijack a TCP session. is
this correct? absolutely it is possible, it is just a matter of spoofing
the mechanics for maintaining the session, the syn/ack numbers.
rant
let it be a lesson to you. using a non security feature to provide you
with
Dear list:
It's possible that a intruder could take active part of a TCP
connection after this was established?
In UPD I know this is true because is a connectionless
protocol. But I have doubts about TCP.
Depending on the location of the attacker this would indeed be possible.
He/She's
Dear list:
It's possible that a intruder could take active part of a TCP connection
after this was established?
In UPD I know this is true because is a connectionless protocol. But I have
doubts about TCP.
Thanks
Pablo A. C. Gietz
Jefe de Seguridad Informática
Nuevo Banco de Entre Ríos S.A.
Te.: