spoofing ip address question...

[k_tech]

does anybody know how to spoof an IP address while performing a port scan on the internet?......as I've notice that the remote host logs your routers ip address.

thanks

[Negative]

Do a search on thehorse13 in the Tutorials Index.

[SirDice]

Well, basicly, you can't.. Suppose I spoofed my address and scanned someone, how would I know any ports are open? The replies get send to the spoofed address, not me. Hence, it won't work.

That said, you can send some fake spoofed scans along with the real scan. Your address would still be logged but so do all the fake ones. If you're clever enough you can hide in the 'noise'. There are also some 'indirect' scanning methods..

[Ouroboros]

does anybody know how to spoof an IP address while performing a port scan on the internet?......as I've notice that the remote host logs your routers ip address.

thanks

Why?

[Zorolord]

I thought this website was security based and in the interest of protecting computer systems, and not providing script kiddies the means to hide their identity!!!

So may I ask why two senior members are providing this information. As it pretty obvious this guy is doing some he shouldn't be!!!!

[SirDice]

The question in and of itself is ridiculous as you should know. He'll find out when he reads the tutorials.
Feck, he may even learn something. Didn't we all fit his category/profile at a time long forgotten?

Old Chinese proverb:
A wise man learns more from asking stupid questions then a stupid man learns from wise answers.

[Zorolord]

Sort of, I didn't enquire about spoofing IP's though. I am sure you receive a warning when you first sign up on not to ask questions about hacking i.e. How to I hack a MSN account and other relate topics.

[SirDice]

Knowing TCP/IP and knowing what spoofing is and how it works is valuable knowledge for any security professional.

He can read the logs on the remote host.. Maybe it's his own? Maybe he's just looking to see what can and cannot be done and/or detected?

[nihil]

I cannot say that I see anything particularly wrong with the original question, other than that it is slightly lacking in detail of the particular circumstances.

Right now, I am sure that I would have a problem because I am using an ADSL link that is recognised by my unique account and telephone number. It is a land line, so I can only use it from my physical address.

I think that SirDice is getting close to the target. If you are port scanning you need to give an address to reply to, but this may not be identifiable as you?

"Spoofing" and "anonymous" are not the same thing?

[jockey0109]

Well, I agree that the site is meant for dicussing security but then, I think that the question is alright in its place. I am not an expert when it comes to networking. But whatever I know, no matter how small it is, have learnt from those stupid questions on chat rooms (well, I did not know anything like 'forums' at that time).

SirDice is right, but I have a question in my mind: Say I use a Fake IP address and that IP address does exist in the real world. Now is it possible that if some trojan be installed on the computer whose IP has been spoofed, would I come to know the rsponse from the server.... and then delete the logs from the spoofed computer?