i believe you are asking if it is possible to hijack a TCP session. is this correct? absolutely it is possible, it is just a matter of spoofing the mechanics for maintaining the session, the syn/ack numbers.
<rant> let it be a lesson to you. using a non security feature to provide you with security is a very bad idea. the sesion integrity feature of tcp was never meant as a security measure, don't use it as such. </rant> On Wed, 13 Nov 2002, Pablo Gietz wrote: > Dear list: > It's possible that a intruder could take active part of a TCP connection > after this was established? > In UPD I know this is true because is a connectionless protocol. But I have > doubts about TCP. > Thanks > > Pablo A. C. Gietz > Jefe de Seguridad Informática > Nuevo Banco de Entre Ríos S.A. > Te.: 0343 - 4201351 > >
