• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Evil Hackers, Spoofing, and PortIDs
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Evil Hackers, Spoofing, and PortIDs

  • Subject: Re: Evil Hackers, Spoofing, and PortIDs
  • From: Jens Bauer <email@hidden>
  • Date: Mon, 18 Nov 2002 03:24:03 +0100
Hi Chilton,

(Sorry to everybody, ofcourse I replied from my default email address again...)

On Sunday, Nov 17, 2002, at 23:59 Europe/Copenhagen, Chilton Webb wrote:

On Sunday, November 17, 2002, at 03:12 PM, Jens Bauer wrote:
(I'm referring to the stereotypical media-hyped 'Hacker' here, not the old-skewl meaning...)

I am designing the networking code for an online game. My limited knowledge of TCP reveals that any inbound data (origin IP address, etc.) can be spoofed. But once said data hits my machine, the new inbound socket connection is given a SocketID. Can that SocketID be spoofed? I can't see how, but before I rely on that (in addition to other security precautions), I'd kinda like to know.

Thinking simple, I would say: Yes. Anything can be spoofed, it's just a matter of difficulty. :)
Can you take a box (Ethernet hub), connect it to another box (computer), using a pipeline (ethernet wire), and be *sure* that there is not a box between the two boxes ?
-No.
=)
Hey, if those are the requirements needed to spoof a socketID, I'll take em ;-)

But even then, the socket ID would be designated inside my box, which is what I'm wondering about. Is there some way to circumvent BSD's networking architecture so that you could get around even this?

I think it'd be possible to do using some kind of lower layer transport; I must admit, though, that I haven't been working with this at all.
Maybe something on a level near RAW-IP sockets, would be my guess.
If I was going to make a hack-attempt, I'd probably try writing a driver, which runs on the same box as the socket that you are trying to spoof.
-Eg. grab some open-source code, modify it, recompile it, and put the kext in the Extensions folder.


Love,
Jens
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.
References: 
 >Re: Evil Hackers, Spoofing, and PortIDs (From: Chilton Webb <email@hidden>)

  • Prev by Date: Re: Evil Hackers, Spoofing, and PortIDs
  • Next by Date: Re: CFStream Problem on Jaguar
  • Previous by thread: Re: Evil Hackers, Spoofing, and PortIDs
  • Next by thread: Headers incompatibility
  • Index(es):
    • Date
    • Thread