On Tuesday, June 25, 2002, at 11:14 AM, Phillip Hofmeister wrote:
On Tue, Jun 25, 2002 at 02:40:19AM -0400, Anthony DeRobertis wrote:Note that to do (1), you must insure that the real machine does not send a RST in response to the SYN|ACK. Ways to do this are numerous; DoS attacks come to mind.Or just use an unused IP....
He was talking about spoofing ips that I am allowing access for in my firewall. All the ips I'm allowing are for existing machines, so an unused IP would be one that is not allowed through the firewall already.
-- Paul Baker"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
-- Benjamin Franklin, 1759 GPG Key: http://homepage.mac.com/pauljbaker/public.asc -- To UNSUBSCRIBE, email to debian-security-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org