RE: tcp/routing question...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2005-06-07 at 11:18, bruce wrote:
> are you sure about this...??
> 
> here's my question...
>  client (a)  --->>>> bank server (b)
>  client (a)  <<<---  bank server (b)
> 
> if server b gets the data/information from 'a', server 'b should get ip
> address 1.2.3.4, which is the real ip address of client 'a'.
> 
> is there away for a mitm server, to get in the middle, manipulate the data
> from 'a' to 'b', send the data to 'b' and spoof the ip address to look as
> though the data came from 'a'..
> 
> -bruce

Short answer yes.  The idea of a MITM attack is that somehow the
attacker has inserted a system or redirected your systems traffic
through a intermediate system.  The middle system acts as a proxy.  It
can be capable of rewriting the packets going between the two systems
under attack.  The middle system will handshake with each of the other
systems and relay packets between so you won't know it is there.  At
that point it will collect information or can modify the packets going
through for what ever purpose.

The difficulty is in getting a system inserted into such a position.  It
typically requires physically inserting a system in the path unless the
attacker is able to mess with the end systems proxy settings and
redirect things that way.  


-- 
Scot L. Harris
webid@xxxxxxxxxx

"For the love of phlegm...a stupid wall of death rays.  How tacky can ya get?"
- Post Brothers comics 


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux