[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-grip-isp-00.txt now available



On Thu, 23 Oct 1997 20:28:27 PDT
	Phil Karn <karn@qualcomm.com> said:

> The only practical spoofing-based attacks I'm aware of are all
> denial-of-service attacks. That's because you generally can't get
> reply packets based to whatever bogus IP address you've been using.

I may be wrong but I believe

1. some udp service can be attacked by a spoofing

2. some tcp services can be attacked by a shotgun approach --
   pump the command sequence that would be sent assuming replies
   did make it back. Ie. attacker doesn't worry about lock step protocol
   but pipes all the commands at one go.

But I may be wrong.