October 19th, 2001, 08:54 PM
Ip Spoofing How does it work
My question is pretty blunt, I see all these programs tha spoof your IP, How do these programs work? What type of services have to be run? Do you have to use a program to spoof your IP.
I could only think of one way and that is to login to as many different shell accounts as you could.And then using a shell account to hide your Ip.But this would not be un traceable.
I was hoping for input on a mannually way to learn the techniques of how one might spoof an IP.
I am using a windows XP pro, with a dial up connection. I would use linux if my modem would work for it but I can't so.
Any information would be useful.
How do you guys get those cool little pics,or icons after your name when you post a reply or thread.
October 19th, 2001, 10:38 PM
blund yeah blund you can edit you'r profile and there you can select a avatar
hip hop rules
October 19th, 2001, 10:42 PM
Picture By Name
About the Picture/Icons you were asking about...
Login and go to "Edit site options". It is at the very bottom.
Once you get 45 (Maybe 50) posts, you can add your own!
October 19th, 2001, 11:03 PM
Ok I got the Avatar thing
Thanks for the help, with the avatar. So does any one know about the main question.
October 19th, 2001, 11:15 PM
[HvC]Terr: L33T Technical Proficiency
October 20th, 2001, 01:37 AM
Ok, thanks for the links Terr it helped out.I now understand how IP spoofing is worked.But wouldn't hackers have to hack and edit the proxy logs, and any other information with there IP that can be tracked.In order to tottaly remain annonomius(I know it is spelled right).
To bad there is just no way to edit the IP that you are given.
Well I guess I shoud read up about proxies.
October 20th, 2001, 02:54 AM
October 20th, 2001, 05:37 AM
OK.. Last time.
*YOU CANNOT IP SPOOF*
There is a different between proxying, which is not spoofing, and IP spoofing with is actually modifying your IP in the TCP stack to falsify your **** to the remote host.
There were two basica ways to IP spoof:
A) A vulnerable release of BIND.. Long long ago. IT's been fixed. Bascially what would happen is there is a buffer overflow condition where you would inject your IP into the memory space of the authoritative nameserver. Again, it's been fixed.
B) Second.. TCP Sequence number predicition. All that happend was that a program would predict the sequence numbers in the SYN/ACK that would have been received from the remote host and basically send a response to the remote host that would "authenticate" the lost SYN/ACK.. TCP Sequence number prediction is theoretically possible, but, there are so many algorithms now that it's just not .. blah.. OK..
Jason Parker - http://www.o-negative.net
o-Negative: Information Network
October 20th, 2001, 03:46 PM
I understand what your saying that by going through proxies is not really spoofing your IP but being able to hide it. Editing the tcp stack seems to be the only way to really change an IP but seriously how many different ways are there to do that.
I like the idea of what you where talking about, predicting the TCP sequence numbers. That would obviously work, because by predicting it can't be 100% correct, it's going to be off and you won't have the original IP anymore.