Yes, that it possible. Using just (layer 3?) IP, there is no way to know if the given source address is correct. However!, TCP includes a 3-way initiation, and makes spoofing one's IP address very hard (because the replies to the initiating host get lost). TCP ID's are SUPPOSED to be cryptographically strong; given one connection ID, it should be difficult to predict what the next one is. `nmap -O -v` is a good guage of that; Windows earlier than 2000 are supposed to be very bad, using incremental TCP ID's and such.
So, one is safe against TCP connections with spoofed sources. Beware of all non-TCP connection (UDP, ICMP (ping), etc) though. Justin On Wed, Jul 02, 2003 at 08:09:02PM +0000, Hanuska Ivo wrote: > > I have question which does not make me sleep: > > Is it possible to forge my IP address? Imagine situation that I am connected with > some sort of link (not Ethernet like device, there is answer simple, just use ARP > manipulation methods) possibly by modem to Internet and I want to forge my IP > address (so I do want to pretend, that my IP address is different that really is). > > Is there somewhere some information about such a procedure and how to protect my > resources from connections from such forged IP address? > > Thank you all, > > Ivo Hanuška > > > --------------------------------------------------------------------------- > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! > The Gartner Group just put Neoteris in the top of its Magic Quadrant, > while InStat has confirmed Neoteris as the leader in marketshare. > > Find out why, and see how you can get plug-n-play secure remote access in > about an hour, with no client, server changes, or ongoing maintenance. > > Visit us at: http://www.neoteris.com/promos/sf-6-9.htm > ---------------------------------------------------------------------------- > --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
