Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: spoofing ip address question...

  1. #11
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    United Kingdom: Bridlington
    Say I use a Fake IP address and that IP address does exist in the real world. Now is it possible that if some trojan be installed on the computer whose IP has been spoofed, would I come to know the rsponse from the server.... and then delete the logs from the spoofed computer
    No, that was SirDice's point. You send out a false address and the response comes back to the false address, so you never get to see it.

    EDIT: There are two concepts here which I will crudely explain:

    1. "Spoofing" = appearing to be something that it is not.
    2. "Anonymous" = not being traceable to the true originating individual.

    #1 is about addresses whilst #2 is about people.

    So, if I go and connect to one of the free wirless hotspots in my town, I am to all intents and purposes anonymous and legally connected. If I leech someone's unsecured wireless connection I am still anonymous unless I am "caught in the act" (physically), but what I am doing may well be illegal, depending on local legislation.

    I am using a perfectly normal and valid address that is not spoofed, in both of those cases. The identity will trace back to the owner of the facility, and not the user.

    A trojan using a compromised computer is doing the same. It is using perfectly valid and legitimate resources but without permission.

    A "legal" form of the trojan scenario would be an anonymous proxy. In that situation, the identity would trace back to the proxy in the first instance.

    If I send a spoofed address, anything trying to respond will use that address. If the address does not exist the response will fail. If the address is genuine but is offline, that will fail.............if it is online it should be blocked/dropped because it did not send a request to which the response relates.
    Last edited by nihil; August 26th, 2007 at 12:58 PM.

  2. #12
    Senior Member Opus00's Avatar
    Join Date
    May 2005
    If you want to get technical, the real concept of "spoofing" in the orignal sense has to do with tcp/ip sequence number predictability and being able to hijack/inject into an established tcp/ip session.
    There are two rules for success in life:
    Rule 1: Don't tell people everything you know.

  3. #13
    nmap has the ftp bounce relay option.

    Script kiddies make the logs look good, so we can keep our jobs.

  4. #14
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Quote Originally Posted by caveman8fb
    nmap has the ftp bounce relay option.
    Exactly. I was just going to point this one out.

    Don't forget about the idle scan too.

    Anyway, as others have pointed out, computer security is a double edge sword. What good is trying to protect your systems if you don't know the methods that the attackers might be using? How do you setup your defenses?

    Thats why we have something called ethics. Learn all you want about whatever you want... but use your knowledge wisely. If you want to be dumb and have your ISP canceling your account or dragging you or your parents into court... then go for it!

    You'll find that a lot of the very serious security professionals monitor/participate in the "underground" scene to keep up to date. They gain their trust, offer advise, etc. all to stay ahead of them.

    Why do we have books like the Hacking Exposed series, or Hack Attacks Revealed series? Not only script kiddies buy those books.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Similar Threads

  1. MIPS Assembly, an Introduction
    By skiddieleet in forum Other Tutorials Forum
    Replies: 5
    Last Post: March 9th, 2005, 07:20 PM
  2. IP address in question
    By dublix in forum Newbie Security Questions
    Replies: 8
    Last Post: December 15th, 2002, 09:22 PM
  3. Newbies, list of many words definitions.
    By -DaRK-RaiDeR- in forum Newbie Security Questions
    Replies: 9
    Last Post: December 14th, 2002, 08:38 PM
  4. Test Your Knowledge of Redhat?
    By smirc in forum AntiOnline's General Chit Chat
    Replies: 3
    Last Post: May 13th, 2002, 03:24 AM
  5. Anonymoity Tutorial
    By ac1dsp3ctrum in forum The Security Tutorials Forum
    Replies: 8
    Last Post: February 13th, 2002, 12:36 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts