Ok I have read several posts and talked with those on the irc channel.

If there is no way to hide your IP or proxy it then how do people still hack? Is this a matter of finding servers that just have poor security and poor logging? Do the crackers or hackers erase their tracks in the logs or use some type of backdoor?

With all the hacks/cracks going on what I don't understand is if their IP has not been faked how come they are not traced?

Is this why we are seeing an increase in worms and trojans because they are bounced so many times that tracing them back is almost impossible?

This is just to get started and understand how people are still breaking into computers when they can be traced.

It certainly is possible to spoof your ip, everyone's best friend - NMAP, has a nice way of bouncing packets off any ip/hostname - people can get quite confused when thier software firewall tells them www.altalavista.com is scanning them!!

All that is it simple IP packet header forging, not "bouncing" or any sort of relaying. No program can control the packet routing of another machine unless that machine knowingly accpets the rerouted connect. So, I would hardly call that a "spoof". You can't complete a TCP socket connection with that method of scanning.

All it does is create a RAW packet and set the src_ip in sockaddr struct (For us C programmers) to whatever you want. By no means is that an effective "spoof".

Not to mention that most routers will drop packets that the source header is not of a subnet that they route to. Which means, if you're in blah.rr.com, and try to spoof, altavista's IP, TimeWarner's router will kill your packet before it even gets to it's destination.. yet again.. not effective..

Personal note: petemcevoy, you should drop by irc.Antionline.com in #Antionline, I feel we would have some great discussions. ;)

If there is no way to hide your IP or proxy it then how do people still hack? Is this a matter of finding servers that just have poor security and poor logging? Do the crackers or hackers erase their tracks in the logs or use some type of backdoor?
With all the hacks/cracks going on what I don't understand is if their IP has not been faked how come they are not traced?
Is this why we are seeing an increase in worms and trojans because they are bounced so many times that tracing them back is almost impossible?
This is just to get started and understand how people are still breaking into computers when they can be traced.



:bigpimp:

Hacking has nothing to do with being able to spoof. People jsut "assume" that if they hack a server, they won't be caught. Muttster posted informative article about being traced. You will get caught if someone cares enough to catch you.

Oh well..

Those are all fair points you made jparker, but in my defence i was just giving an example of how somebody who may want to seem "l33t" could fool a software firewall (say, blackice defender) into thinking that the scan was originating from somewhere else. Its my opinion that something as complicated as disabling a host in order to use its ip for your own nefarious reasons is well beyond the scope of this thread.

I'll speak to you IRC style soon.

Greetings all. I was wondering what the difference was between all these different methods of hideing yer IP address,DNS address, or what ever it is that u are trying to hide. What methods are used, how they are traced, and what do u suggest to use for anonimity on the web. Latr--
Remote_Access_

I have to go with "buddy" who said that If someone cares enough to catch you they will. From Ip to other forms of tracking, there are mad Progs out there to "hunt" down someone. But If you just want to hide your Ip addy, you can go to www.download.com and type In Ip hide. You might find somestuff....:firedevil

Originally posted by Remote_Access_
Greetings all. I was wondering what the difference was between all these different methods of hideing yer IP address,DNS address, or what ever it is that u are trying to hide. What methods are used, how they are traced, and what do u suggest to use for anonimity on the web. Latr--
Remote_Access_

Remote: I've written an article in this section of the forums on IP Spoofing.

Ok i didnt have enought time to read it last night, but i'll go check it out latr today. thx parker. latr--
Remote_

Dont forget about the local library that doesnt have camers and has internet explorer and windows. Of course everyone knows how to open telnet from ie (telnet://).