Theoretically... In Active attacks we have "modification attack"...ie
"In a message modification attack, an intruder alters packet header addresses to direct a message to a different destination or modify the data on a target machine."
not sure how this "Live Modification" works practically....say
Case 1 : In wired network say LAN A-sends-packet-->B C is eavesdropping in promiscous mode. got the packet. altered the header n stuff. recalculated CRC and send to B. now this process will take say 5 nanoSecs. wont the original packet reach the reciever by then? is there a way to kill the original packet? I dont think so. even there is such a technique the incercept/Kill (say we are sending a collision packet) wont be sucessful all the time, there will be hit n miss...bit confused here.
Okay Lets assume its possible in Wired Lan...what about wireless?
Case 2 : Wireless Lan
with compatible WNICs(thanks to china n taiwan :D ) we can put our cards not only in promiscious mode but also in "mon mode" capable of "Packet Injection".
this is again not a true injection. we are jus creating a new packet with altered header and tweaking the checksum and sending it on the air. A true injection/Kill of the original packet in the air in 802.11 radio format is impossible.
and if the original packet reaches first (which it will coz attacker needs some time to fabricate the packet), wont the forged packet be discarded as it reaches later? not to forget "nonce" values attached to everything now a days to stop replay attacks...
Enlighten me por favor!
