Spoofing, Proxies, hacking/cracking, What is the truth?

Printable View

September 20th, 2001, 07:08 PM
FlashOveride

Spoofing, Proxies, hacking/cracking, What is the truth?

Ok I have read several posts and talked with those on the irc channel.

If there is no way to hide your IP or proxy it then how do people still hack? Is this a matter of finding servers that just have poor security and poor logging? Do the crackers or hackers erase their tracks in the logs or use some type of backdoor?

With all the hacks/cracks going on what I don't understand is if their IP has not been faked how come they are not traced?

Is this why we are seeing an increase in worms and trojans because they are bounced so many times that tracing them back is almost impossible?

This is just to get started and understand how people are still breaking into computers when they can be traced.
September 20th, 2001, 07:27 PM
petemcevoy

spoofing

It certainly is possible to spoof your ip, everyone's best friend - NMAP, has a nice way of bouncing packets off any ip/hostname - people can get quite confused when thier software firewall tells them www.altalavista.com is scanning them!!
September 20th, 2001, 08:33 PM
jparker[]

All that is it simple IP packet header forging, not "bouncing" or any sort of relaying. No program can control the packet routing of another machine unless that machine knowingly accpets the rerouted connect. So, I would hardly call that a "spoof". You can't complete a TCP socket connection with that method of scanning.

All it does is create a RAW packet and set the src_ip in sockaddr struct (For us C programmers) to whatever you want. By no means is that an effective "spoof".

Not to mention that most routers will drop packets that the source header is not of a subnet that they route to. Which means, if you're in blah.rr.com, and try to spoof, altavista's IP, TimeWarner's router will kill your packet before it even gets to it's destination.. yet again.. not effective..

Personal note: petemcevoy, you should drop by irc.Antionline.com in #Antionline, I feel we would have some great discussions. ;)
September 20th, 2001, 08:36 PM
FlashOveride

Ok but what about my original ??'s

Quote:

If there is no way to hide your IP or proxy it then how do people still hack? Is this a matter of finding servers that just have poor security and poor logging? Do the crackers or hackers erase their tracks in the logs or use some type of backdoor?
With all the hacks/cracks going on what I don't understand is if their IP has not been faked how come they are not traced?
Is this why we are seeing an increase in worms and trojans because they are bounced so many times that tracing them back is almost impossible?
This is just to get started and understand how people are still breaking into computers when they can be traced.

:bigpimp:
September 21st, 2001, 06:27 AM
jparker[]

Hacking has nothing to do with being able to spoof. People jsut "assume" that if they hack a server, they won't be caught. Muttster posted informative article about being traced. You will get caught if someone cares enough to catch you.

Oh well..
September 21st, 2001, 11:46 AM
petemcevoy

spoofing

Those are all fair points you made jparker, but in my defence i was just giving an example of how somebody who may want to seem "l33t" could fool a software firewall (say, blackice defender) into thinking that the scan was originating from somewhere else. Its my opinion that something as complicated as disabling a host in order to use its ip for your own nefarious reasons is well beyond the scope of this thread.

I'll speak to you IRC style soon.
September 22nd, 2001, 06:05 AM
Remote_Access_

Proxys, SOCKS, and Anonymity

Greetings all. I was wondering what the difference was between all these different methods of hideing yer IP address,DNS address, or what ever it is that u are trying to hide. What methods are used, how they are traced, and what do u suggest to use for anonimity on the web. Latr--
Remote_Access_
September 22nd, 2001, 07:53 AM
bizzybutlazy

Watch out!

I have to go with "buddy" who said that If someone cares enough to catch you they will. From Ip to other forms of tracking, there are mad Progs out there to "hunt" down someone. But If you just want to hide your Ip addy, you can go to www.download.com and type In Ip hide. You might find somestuff....:firedevil
September 22nd, 2001, 03:49 PM
jparker[]

Re: Proxys, SOCKS, and Anonymity

Quote:

Originally posted by Remote_Access_
Greetings all. I was wondering what the difference was between all these different methods of hideing yer IP address,DNS address, or what ever it is that u are trying to hide. What methods are used, how they are traced, and what do u suggest to use for anonimity on the web. Latr--
Remote_Access_

Remote: I've written an article in this section of the forums on IP Spoofing.
September 22nd, 2001, 08:31 PM
Remote_Access_

Parker:

Ok i didnt have enought time to read it last night, but i'll go check it out latr today. thx parker. latr--
Remote_
September 23rd, 2001, 07:22 AM
mutt

Dont forget about the local library that doesnt have camers and has internet explorer and windows. Of course everyone knows how to open telnet from ie (telnet://).