August 26th, 2007, 12:01 PM
No, that was SirDice's point. You send out a false address and the response comes back to the false address, so you never get to see it.
Say I use a Fake IP address and that IP address does exist
in the real world. Now is it possible that if some trojan be installed on the computer whose IP has been spoofed, would I come to know the rsponse from the server.... and then delete the logs from the spoofed computer
EDIT: There are two concepts here which I will crudely explain:
1. "Spoofing" = appearing to be something that it is not.
2. "Anonymous" = not being traceable to the true originating individual.
#1 is about addresses whilst #2 is about people.
So, if I go and connect to one of the free wirless hotspots in my town, I am to all intents and purposes anonymous and legally connected. If I leech someone's unsecured wireless connection I am still anonymous unless I am "caught in the act" (physically), but what I am doing may well be illegal, depending on local legislation.
I am using a perfectly normal and valid address that is not spoofed, in both of those cases. The identity will trace back to the owner of the facility, and not the user.
A trojan using a compromised computer is doing the same. It is using perfectly valid and legitimate resources but without permission.
A "legal" form of the trojan scenario would be an anonymous proxy. In that situation, the identity would trace back to the proxy in the first instance.
If I send a spoofed address, anything trying to respond will use that address. If the address does not exist the response will fail. If the address is genuine but is offline, that will fail.............if it is online it should be blocked/dropped because it did not send a request to which the response relates.
Last edited by nihil; August 26th, 2007 at 12:58 PM.
August 26th, 2007, 03:47 PM
If you want to get technical, the real concept of "spoofing" in the orignal sense has to do with tcp/ip sequence number predictability and being able to hijack/inject into an established tcp/ip session.
There are two rules for success in life:
Rule 1: Don't tell people everything you know.
August 27th, 2007, 07:06 AM
nmap has the ftp bounce relay option.
Script kiddies make the logs look good, so we can keep our jobs.
August 29th, 2007, 12:48 PM
Exactly. I was just going to point this one out.
Originally Posted by caveman8fb
Don't forget about the idle scan too.
Anyway, as others have pointed out, computer security is a double edge sword. What good is trying to protect your systems if you don't know the methods that the attackers might be using? How do you setup your defenses?
Thats why we have something called ethics. Learn all you want about whatever you want... but use your knowledge wisely. If you want to be dumb and have your ISP canceling your account or dragging you or your parents into court... then go for it!
You'll find that a lot of the very serious security professionals monitor/participate in the "underground" scene to keep up to date. They gain their trust, offer advise, etc. all to stay ahead of them.
Why do we have books like the Hacking Exposed series, or Hack Attacks Revealed series? Not only script kiddies buy those books.
is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
By skiddieleet in forum Other Tutorials Forum
Last Post: March 9th, 2005, 06:20 PM
By dublix in forum Newbie Security Questions
Last Post: December 15th, 2002, 08:22 PM
By -DaRK-RaiDeR- in forum Newbie Security Questions
Last Post: December 14th, 2002, 07:38 PM
By smirc in forum AntiOnline's General Chit Chat
Last Post: May 13th, 2002, 03:24 AM
By ac1dsp3ctrum in forum The Security Tutorials Forum
Last Post: February 13th, 2002, 11:36 AM