IP Address & spoofing issues (Academic purpose)
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: IP Address & spoofing issues (Academic purpose)

  1. #1
    Senior Member
    Join Date
    Jun 2003
    Posts
    142

    IP Address & spoofing issues (Academic purpose)

    Well..great forum..I must say..my another question to the gurus is wot if i want to know the IP address of the person i m chattin with on msn messenger...i can do it on irc...
    i was thinkin that wot if we can edit the outgoing packet that carries the destination address...and yes if we can edit the packet...then wot if somebody edit his source ip address...
    is this wot is called Ip spoofing? and how does a tcp/ip three way handshake work when Ip spoofing takes place..
    these are some confusions in ma mind..
    i hope to get the maximum replies and maximum knowledge..
    i would really appreciate the anticpation..
    thank u
    have fun
    ommy

    P.S Please remember my all questions are for the sake of knowledge and learning ..i have no destructive ambitions...Thank u
    and i promise i ll neevr miss use the knowledge that i would acquire frm here....
    and sorry if anybody of u get offended for tat..

  2. #2
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    Yes you can edit the souce address of your ip packet and that is considered IP spoofing. Only one problem. When you do that, the other end reads the packet and replies to the source IP address. This means that whoever you are talking to will reply to a machine that is not yours, so you will never be able to see what they type.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  3. #3
    Senior Member
    Join Date
    Jun 2003
    Posts
    772
    I'm not 100% sure, but if you send the person you're chatting with a file (he first has to accept it ofcourse), a direct connection with his pc is established. So while he's downloading the file from you, bring up a dosprompt and type netstat -an, you'll probably see more connections but the one with him is in the list. Correct me if I'm wrong!
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me

    www.elhalf.com

  4. #4
    0_o Mastermind keezel's Avatar
    Join Date
    Jun 2003
    Posts
    1,024
    I've heard of that before....I think I actually tried the netstat thing on one of my friends and then told him what his IP address was and he thought it was pretty cool. I trust him so I told him how I did it.

  5. #5
    Member
    Join Date
    Jun 2003
    Posts
    71
    That's exactly how I got one of my friend's IPs. I pulled up netstat and looked at all of the IPs, then sent her a file and did netstat again while she was downloading it and noticed an extra IP. It was her IP and she admitted it. However, she was using a router, so all I had was her router's IP, not her computer's internal IP.
    I'm still trying to figure out how to get her internal IP. I scanned her router with NMap but didn't get anything. *shrugs*
    The search continues.....
    Watcher
    \"The feeling of losing your mind is a terrible thing. But once it\'s gone, you\'re fine.\"
    Carrie Fisher

  6. #6
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914

    Re: IP Address & spoofing issues (Academic purpose)

    Originally posted here by ommy
    Well..great forum..I must say..my another question to the gurus is wot if i want to know the IP address of the person i m chattin with on msn messenger...i can do it on irc...
    i was thinkin that wot if we can edit the outgoing packet that carries the destination address...and yes if we can edit the packet...then wot if somebody edit his source ip address...
    is this wot is called Ip spoofing? and how does a tcp/ip three way handshake work when Ip spoofing takes place..
    these are some confusions in ma mind..
    i hope to get the maximum replies and maximum knowledge..
    i would really appreciate the anticpation..
    thank u
    have fun
    ommy

    P.S Please remember my all questions are for the sake of knowledge and learning ..i have no destructive ambitions...Thank u
    and i promise i ll neevr miss use the knowledge that i would acquire frm here....
    and sorry if anybody of u get offended for tat..

    I'm sorry but I refuse to even finish reading that. If anyone wants to translate it, I'll take a look at it and reply if I have anything useful.

    Ommy: Would it be too hard to spell check that, or at least use somewhat proper grammar and language skills.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  7. #7
    Banned
    Join Date
    Jun 2003
    Posts
    29
    Sending a file to somebody and then using netstat -n to find the IP works fine, however finding an IP of somebody whom your talking to but not transfering files to is harder.
    I'm not absolutely sure though if your talking to somebody and do a netstat -n you'll get a list of virtual servers your connected to (which then connect to the person whom your talking to) and this is where the tricky part comes in; you have to port scan that virtual server and then use an open port from it to check whom else it is connected to.
    I don't know for sure that it will work but aparently it does.

  8. #8
    Senior Member
    Join Date
    Jun 2003
    Posts
    142
    well....anyone have an idea..how does an ip spoofer works....coz it cannot establish a three way connection..then how can it be spoofed...

  9. #9
    Kwiep
    Join Date
    Aug 2001
    Posts
    924
    HTRegz >> I can read it if I try... he's from pakistan so I can't blame him

    ommy >> You can establish a connection with spoofed packets, but you won't be able to decently communicate. Like souleman said, the other computer will send it's packets to the source ip reading from the packets. You changed that source, so it will be sent to another computer. The only purpose of ip spoofing is to hide the source if you only need to send data and not recieve anything back perce. That why the use is almost always malicious. DoS and DDoS etc. attack don't need to recieve anything back and the source likes to be unknown...
    A three way handshake isn't possible with spoofed packets.
    Double Dutch

  10. #10
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    neel: Technically I could. English is a universal language and it is also the business language. When I am writing in french or german, I will spend hours composing a single paragraph so that I'm sure everything is correct. I feel it's an insult to use someone else's language incorrectly. Anyways... I went back and gave it a try and the netstat responses do apply. At least to anyone who attemts to understand what he's put.

    my another question to the gurus is wot if i want to know the IP address of the person i m chattin with on msn messenger...i can do it on irc...
    So the netstat responses do have something to do with what he asked. At least that's how myself and apparently several others understood that part of the question. If the question had been more clearly worded, or at least used sentences, maybe we all would have understood.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •