Results 1 to 10 of 10

Thread: disguise

  1. #1
    Junior Member
    Join Date
    Jan 2002
    Posts
    3

    Question disguise

    hi, this is my first post here on ao and was wondering
    if anyone could give me some links and info on ip spoofing on linux
    (redhat) and windows98...or any other ways of disguising my origin.

  2. #2
    Junior Member
    Join Date
    Jan 2002
    Posts
    3
    ...and if anybody can give me some helpfull info on routing
    and if i can do if from my pc...

  3. #3
    Old-Fogey:Addicts founder Terr's Avatar
    Join Date
    Aug 2001
    Location
    Seattle, WA
    Posts
    2,007
    Quickie not-too-technical-or-specific-post...

    You can't spoof. Not in the way most people think of it. Give up ideas of being totally invisible.

    As for routing, without NAT software (special third-party stuff) or M$ Internet-Connection-Sharing stuff, you can't let other people on your LAN access the internet through your computer unless your ISP has given you multiple IP addresses (which means you pay more to them)

    ANTIPOINT REPLY: What, was I factually wrong? Was the post a waste of time? Did I insult someone? You could at least leave a comment.
    [HvC]Terr: L33T Technical Proficiency

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    However...you can let people on your LAN access the Internet with a single IP if you use Hide NAT...AKA PAT (Port Address Translation). I think almost all firewalls and routers can do this..the downside; your machine will not be accessible form the Internet if you are hosting anything. Terr is right you will need to pay for an extra IP in this case

  5. #5
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,542
    Addition to Terr's post:

    You can share your connection using a Linux distro that acts as router... there are many posts here at AO about that. Search for IPCHAINS, IPMASQ, BBIagent, fwfloppy, connection sharing.

    About the downside explained by iNViCTuS, it is also possible to route traffic to a box inside your LAN, for instance to use as a webserver, with a good firewall/router product or some linux config-tweaks you can route all webtraffic to your webserver inside your LAN whenever ppl enter your public IP. However this is not a very secure option, better is to use a DMZ, (DeMilitarized Zone) in this case, so your security for your LAN is high but you have one box, outside the high secure firewall setting, which will act as a webserver, if you want to secure that box too you can use different firewall boxes or one with three NIC's (1 WAN, 2 LAN) and two subnets.

    Code:
    # example
    
    Internet <--> firewall (allow outside traffic to DMZ)  <--> DMZ (webserver,...)
                                                           <--> Firewall <--> switch <--> pc1
                                                                                     <--> pc2
                                                                                     <--> pc3
    Or simply use a firewall that provides DMZ, or a switch with built in firewall and DMZ so you wouldn't need the 'difficult' setup explained above.


    btw: I didn't post those negative points

  6. #6
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    If I had more time...I would have explained it just like VictorKaum...

    So good job....and BTW...it was not I who gave you negative points either, Terr...I don't know why someone would either...what you said is correct.

  7. #7
    Junior Member
    Join Date
    Feb 2002
    Posts
    4
    As far as spoofing goes, there are plenty of apps that will allow you to do it, the question is what will you be able to achieve???

    The nature of TCP/IP communications makes spoofing another IP pretty much pointless...When you try to initiate any sort of communications between your computer (with a spoofed ip) and another, your computer will request to send information, and the other computer will send an acknowledgement to the ip you are spoofing....Since it's not actually your ip, your computer will never send any information to the remote one because it will never receive the acknowlegement...

    There are anonymous procies you can use to mask your ip, but since most of them log traffic, that won't stop the federalis from kicking in your door if you do something illegal...



    Caskethopper
    I hear the Crawling Chaos that calls beyond the stars

  8. #8
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    Well...honestly, i have to disagree, spoofing an IP can be very effective in a DoS attack. IP spoofing can be used very effectively in many situations, TCP session hijacking being one of them.

    It is just important to remember that even though it is not likely, it is possible.

  9. #9
    Junior Member
    Join Date
    Jan 2002
    Posts
    9

    Question disguise?

    Spoofing?

    Hmmmm?.....I've read a lot about this spoofing thingy..but haven't tried it yet...i guess it's not that easy to spoof eh?....I wish someone could really teach me how it really work... Btw does a firewall spoof your ip? if you're under one?


    SilVerRusT
    (hi...ho...silver away!)

  10. #10
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,542
    If the firewall does NAT (network Adress translation) it will hide your IP, the same goes for a firewall that does a IPMASQ (IP masquerading), but remember that the IP that will show up at the otherside is your firewall/router IP, so your IP isn't really spoofed. If you use a proxy you have to use one with garanteed anonimity, like one located in former sovjet republics or at some strange islands in the pacific. You have to make sure that there's no way that they will give logs to others (like fed's).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •