Not necessarily true; compromise is a relative term in this case. For instance, any of the following could happen:

A. Any router in between the two communicating hosts could be compromised.
B. Routing protocol compromise that would allow sniffing of one-way traffic (default route/RIP/OSPF/BGP, etc.).
C. DNS cache poisoning that redirects the attack to another host, allowing for MITM.

Matthew F. Caldwell, CISSP
[EMAIL PROTECTED]

-----Original Message-----
From: Muhammad Faisal Rauf Danka [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 6:03 PM
To: Thad Horak; [EMAIL PROTECTED]
Subject: Re: Session Hijacking

Your fundamentals are right. Attacker A has to compromise some host in host B's network in Ohio or at host C's network in Florida in order to conduct a MITM attack.

Regards,
---------
Muhammad Faisal Rauf Danka
Chief Technology Officer
Gem Internet Services (Pvt) Ltd.
web: www.gem.net.pk
voice: 92-021-111-GEMNET

"Great is the Art of beginning, but Greater is the Art of ending."

--- Thad Horak <[EMAIL PROTECTED]> wrote:
>All,
>
>A peer recently told me that a network topology
>consisting of internal servers routing traffic through
>a firewall to the internet was a security hole since
>the session could either be hijacked or be hacked
>using a MITM technique.
>
>Example:
>
>Internal_server --> PIX NAT --> Internet partner
>
>I understand the fundamentals behind hijacking and
>MITM attacks, but it would seem to me that the only
>way that an attacker could pull off this type of an
>attack would be to compromise a host on the same
>switch/hub that the firewall is on. Is this a
>correct assumption? Can attacker A in California
>hijack User B in Ohio shopping on Site C in Florida
>without compromising some key piece of equipment in
>between B and C first?
>
>My apologies for the long-winded question. Thanks in
>advance for your insight.
>
>Thad
