Re: Evil Hackers, Spoofing, and PortIDs
Re: Evil Hackers, Spoofing, and PortIDs
- Subject: Re: Evil Hackers, Spoofing, and PortIDs
- From: Chilton Webb <email@hidden>
- Date: Sun, 17 Nov 2002 16:59:17 -0600
Hi Jens,
On Sunday, November 17, 2002, at 03:12 PM, Jens Bauer wrote:
(I'm referring to the stereotypical media-hyped 'Hacker' here, not
the old-skewl meaning...)
I am designing the networking code for an online game. My limited
knowledge of TCP reveals that any inbound data (origin IP address,
etc.) can be spoofed. But once said data hits my machine, the new
inbound socket connection is given a SocketID. Can that SocketID be
spoofed? I can't see how, but before I rely on that (in addition to
other security precautions), I'd kinda like to know.
Thinking simple, I would say: Yes. Anything can be spoofed, it's just
a matter of difficulty. :)
Can you take a box (Ethernet hub), connect it to another box
(computer), using a pipeline (ethernet wire), and be *sure* that there
is not a box between the two boxes ?
-No.
=)
Hey, if those are the requirements needed to spoof a socketID, I'll
take em ;-)
But even then, the socket ID would be designated inside my box, which
is what I'm wondering about. Is there some way to circumvent BSD's
networking architecture so that you could get around even this?
-Chilton
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.