February 5th, 2002 05:28 PM
hi, this is my first post here on ao and was wondering
if anyone could give me some links and info on ip spoofing on linux
(redhat) and windows98...or any other ways of disguising my origin.
February 5th, 2002 05:35 PM
...and if anybody can give me some helpfull info on routing
and if i can do if from my pc...
February 5th, 2002 06:49 PM
You can't spoof. Not in the way most people think of it. Give up ideas of being totally invisible.
As for routing, without NAT software (special third-party stuff) or M$ Internet-Connection-Sharing stuff, you can't let other people on your LAN access the internet through your computer unless your ISP has given you multiple IP addresses (which means you pay more to them)
ANTIPOINT REPLY: What, was I factually wrong? Was the post a waste of time? Did I insult someone? You could at least leave a comment.
[HvC]Terr: L33T Technical Proficiency
February 5th, 2002 08:39 PM
However...you can let people on your LAN access the Internet with a single IP if you use Hide NAT...AKA PAT (Port Address Translation). I think almost all firewalls and routers can do this..the downside; your machine will not be accessible form the Internet if you are hosting anything. Terr is right you will need to pay for an extra IP in this case
February 6th, 2002 05:59 PM
Addition to Terr's post:
You can share your connection using a Linux distro that acts as router... there are many posts here at AO about that. Search for IPCHAINS, IPMASQ, BBIagent, fwfloppy, connection sharing.
About the downside explained by iNViCTuS, it is also possible to route traffic to a box inside your LAN, for instance to use as a webserver, with a good firewall/router product or some linux config-tweaks you can route all webtraffic to your webserver inside your LAN whenever ppl enter your public IP. However this is not a very secure option, better is to use a DMZ, (DeMilitarized Zone) in this case, so your security for your LAN is high but you have one box, outside the high secure firewall setting, which will act as a webserver, if you want to secure that box too you can use different firewall boxes or one with three NIC's (1 WAN, 2 LAN) and two subnets.
Or simply use a firewall that provides DMZ, or a switch with built in firewall and DMZ so you wouldn't need the 'difficult' setup explained above.
Internet <--> firewall (allow outside traffic to DMZ) <--> DMZ (webserver,...)
<--> Firewall <--> switch <--> pc1
btw: I didn't post those negative points
February 6th, 2002 07:50 PM
If I had more time...I would have explained it just like VictorKaum...
So good job....and BTW...it was not I who gave you negative points either, Terr...I don't know why someone would either...what you said is correct.
February 6th, 2002 08:58 PM
As far as spoofing goes, there are plenty of apps that will allow you to do it, the question is what will you be able to achieve???
The nature of TCP/IP communications makes spoofing another IP pretty much pointless...When you try to initiate any sort of communications between your computer (with a spoofed ip) and another, your computer will request to send information, and the other computer will send an acknowledgement to the ip you are spoofing....Since it's not actually your ip, your computer will never send any information to the remote one because it will never receive the acknowlegement...
There are anonymous procies you can use to mask your ip, but since most of them log traffic, that won't stop the federalis from kicking in your door if you do something illegal...
I hear the Crawling Chaos that calls beyond the stars
February 6th, 2002 09:21 PM
Well...honestly, i have to disagree, spoofing an IP can be very effective in a DoS attack. IP spoofing can be used very effectively in many situations, TCP session hijacking being one of them.
It is just important to remember that even though it is not likely, it is possible.
February 7th, 2002 05:35 PM
February 7th, 2002 06:04 PM
If the firewall does NAT (network Adress translation) it will hide your IP, the same goes for a firewall that does a IPMASQ (IP masquerading), but remember that the IP that will show up at the otherside is your firewall/router IP, so your IP isn't really spoofed. If you use a proxy you have to use one with garanteed anonimity, like one located in former sovjet republics or at some strange islands in the pacific. You have to make sure that there's no way that they will give logs to others (like fed's).