Re: threats ID
Iljitsch;
1. Security Considerations
:-)
It should be legal. :-)
Without assuming MITM, existing transport and/or upper layer
protocols using cookie or cookie like information can be naturally
extended as a reasonable protection against connection hijacking by
false source information.
That's not quite true. Obviously when there is a man in the middle all
bets are off. However, when protection consists of cookies then a "man"
doesn't have to be "in the middle": being on the sidelines is good
enough. For instance, the attacker may be on a shared subnet (such as a
wireless lan) with one of the victims, allowing him to intercept the
cookie and subsequently inject false packets into the communication
between the victims. Under some circumstances, this may be enough to
steal a session.
MITM means someone who can snoop, erase and modify packets of victims.
It is not necessary that victims and MITM are separated by routers.
It is not even necessary that victims and MITM are separated by
L2 switches or L1 hubs.
Even if two victims are directly connected by a pair of fiber,
MITM can exist by cutting the pair and inserting itself in
between.
A similar attack is much easier if the physical medium is a wireless LAN.
I think I gave you an example of how easy it is to create a MITM with
a wireless LAN.
Masataka Ohta
- References:
- threats ID
- From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
- Re: threats ID
- From: Iljitsch van Beijnum <iljitsch@muada.com>