-
June 23rd, 2005, 01:38 AM
#1
IP address hiding
is there anyway that i can hide my server's real ip address from all the program that is running on my network? i just dont know. or something that when pinged my IP address will always reply with "Destination net unreachable" or "Request timed out". just like AO's. how can we do that?
-
June 23rd, 2005, 02:38 AM
#2
Hi yatot,
I'm assuming this is your network and you want to access the computers on your network without them knowing...
this will give you a steath mode on your own network...
http://www.systracker.com/faq.asp
Track4Win - FAQ
Eg
-
June 23rd, 2005, 02:47 AM
#3
exactly, i have to block some IM ports and monitor the network activity. before i have a DHCP connection through my network. but then i have to test the PC's here with manually configuring each computer's ip addresses. so that i can monitor who's computer is not working and active.
i'd try that one. thanks
-
June 23rd, 2005, 12:46 PM
#4
Junior Member
If you don't want you server to respond to ping's, you just need to edit some values in the proc filesystem. Check it out:
/bin/echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
This will cause the server to drop all IMCP type 0 packets, which are your standard echo request, or ping packets. This will stop your server from responding to ping's
/bin/echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
This will cause the server to ignore any ping packets sent to the broadcast address (usually used in Smurf DoS attacks).
Those two settings in your proc filesystem should cause the server to ignore pings.
An ancient chinese man once told me: \"The hotter the tea, the bigger the wang.\"
My tea is extra hot.
-
June 24th, 2005, 04:42 AM
#5
how about if am running a windows based server? is there anyway i can do that in windows?
-
June 24th, 2005, 12:51 PM
#6
Originally posted here by yatot
how about if am running a windows based server? is there anyway i can do that in windows?
Depending upon how you network is setup, you could put an ACL (Access Control List) on your switch or router to filter out ICMP traffic. This would greatly depend upon how the server in question is connected to the network. However, this can cause problems with network troublshooting.
Hope this helps
-
June 26th, 2005, 04:08 AM
#7
Realize that you are going to have to do this for TCP, UDP, 'and' ICMP.
In an examle provided by frostedegg, on Linux you can just tell the kernel via /proc to ignore ICMP.
But, if I am a curious boy who runs an elite system like Solaris, I can simply UDP ping you (ping -sU <hostname> .
If you really want to hide a machine, put it behind a reverse proxy firewall and configure it to NAT legit traffic to your server.
-- spurious
Get OpenSolaris http://www.opensolaris.org/
-
June 26th, 2005, 05:38 AM
#8
Another method could be to setup Routing services on your Windows box.
The best answer to this question depends upon what your end result needs to be. What are you trying to achieve by doing this?
-
June 26th, 2005, 02:26 PM
#9
On your windows box, you simply go into TCP/IP advanced properties, then in the firewall section click settings, advanced tab, then select your local lan connection, then settings, then the ICMP tab and select which type of ICMP traffic you want.
This will vary depending upon what Win32 OS you are running. The above is for XP SP2.
I often wonder why people try to hide IP addresses. Why not concentrate on securing the box. The fact of the matter is that your IP is exposed on a regular basis. It is not a risk when you're properly protected.
my 2 cents
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
June 28th, 2005, 02:46 PM
#10
Junior Member
you also have to understand a few things about "pinging" It all depends on what the server is set up for, if its your webserver you would leave it for the most part, is it DMZ database server -> then probably mot, is it something on your internal network, then nO. even if its a webserver blocking ICMP echos will be of little consequence when port 80 is replying to Syns. There are more or less a few methods to determine if a host is alive, ICMP pings and TCP/UDP packets from my limited understanding.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|