Questions tagged [ip-spoofing]
IP spoofing, also known as IP address forgery or a host file hijack, is a hijacking technique in which a cracker masquerades as a trusted host to conceal his identity, spoof a Web site, hijack browsers, or gain access to a network.
176
questions
0
votes
1
answer
917
views
Can someone spoof its IP address to mine when sending emails?
Can someone spoof its IP address to mine when sending emails?
I know we can see the IP address of the sender in the email header. If someone had my IP, can he/she use it to show in email headers?
Even ...
1
vote
0
answers
89
views
How to access web content protected by network ip? [closed]
I am testing a website that allows content fetch only when you access it from an IP a certain Wi-Fi network. However if you want to access the website from different network, you get the response of
{&...
1
vote
2
answers
567
views
TCP with IP Spoofing, Is It Really Impossible?
I was reading: IP Spoofing with real IP when TCP 3-way handshake has been made
Where the answer says:
First of all, every TCP packet has a sequential identifier, which
starts at a random position. (...
0
votes
1
answer
307
views
Client IP spoofing to carry out a TLS conversation, when the server only accepts connections from that client IP?
I am aware that IP spoofing can be used to carry out SYN flooding attacks, and impersonating servers.
However, I have not been able to find detailed step-by-step attack scenarios: where the attacker (...
0
votes
2
answers
259
views
Reasons why IP spoofing might fail
The way I understand is that if someone wants to pretend to be John Doe by using his IP address to conduct nefarious things on the internet, it would not be possible because
traffic would only be one ...
0
votes
1
answer
444
views
Can this logic with regard to checking Reverse DNS records be flawed?
For my web app, I hardcode a reverse DNS detection for common web crawlers. And for detecting them I use their Reverse DNS, which I always check whether it includes i.e. google.com. My questions would ...
1
vote
0
answers
497
views
Is it safe to use conntrack on Linux bridge devices?
I have a server with a number of Linux bridge devices for use with groups of virtual machines - some internet-routed, some intentionally unrouted. I have stateful firewalling in place for traffic ...
0
votes
1
answer
280
views
Spoofed IP addresses basics
I've been dealing with a hack on a site. I ended up wiping it and starting again - this was no loss as it was a small site and all content was backed up - took a couple of hours to get going again.
I ...
3
votes
3
answers
244
views
What prevents this specific type of attack from being viable?
Imagine a user has an ip of 1.2.3.4
The server the user intends to connect to has an ip of 2.3.4.5
An attacker has a machine with a promiscuous network card on the user's local network.
The attacker ...
0
votes
0
answers
1k
views
How does the NSA "masquerade as any routable IPv4 or IPv6 host"?
I was reading the Wikipedia article about TAO and there is written that:
Details on a program titled QUANTUMSQUIRREL indicate NSA ability to masquerade as any routable IPv4 or IPv6 host. This enables ...
0
votes
1
answer
634
views
Spoof IP address after a TCP handshake established
Is it possible to spoof the IP once a TCP handshake was performed successfully?
For example:
Perform the handshake
Use the session with the same IP which performed handshake but on
different machine ...
41
votes
6
answers
10k
views
Can I change my public IP address to a specific one?
It happens that I participate in a bug hunting program and analyzing the app I realized that there is a particular parameter that is very important for access control and that only changes with the IP ...
1
vote
0
answers
298
views
Prevent IP session hijacking
I was thinking of the following scenario :
a network is behind a router (performing NAT) and firewall
this firewall denies all unsollicited incoming packet
a user on a computer of the network opens a ...
1
vote
1
answer
151
views
php / email / iis
in a certain page I have a newsletter subscription form, where the user enters his e-mail address and then through PHP an authenticated e-mail is sent to myself with the user's information (e-mail ...
0
votes
2
answers
284
views
Can Machine Learning be utilized to identify and track IP Spoofing?
"IP Spoofing" refers to changing source IP addresses so that the attack appears to be coming from someone else.
When the victim replies to the address, it goes back to the spoofed address ...