Results 1 to 9 of 9

Thread: Packet Spoofing

  1. #1

    Packet Spoofing

    ok heres my problem, in about a week or so me and a group of friends about 10of us are have a wargame over a lan, i was wondering if anyone new were i could get a program for linux pref RH or Mandrake to spoof the returning packets of pings etc so it makes my linux machine look like a insecure windoez box.
    Signature image is too tall!

  2. #2
    Well I know that nmap uses some things like TTL of packets and other stuff like that for os finger prints, but how to change that in Linux, I don't know. You can check in nmap docs and google what it really checks for os finger printing and then look if you can change that on linux? Ok, I wasn't really useful, I'm just a newbie :P If you find something, tell me. Maybe you can use netcat to emulate some windows services too?

    Some links I found :
    (I didn't checked those, so maybe they sucks, but some of those websites are well known)

    So you might want to check on goole for :
    packets forging
    os fingerprinting

    spoofing is the process of changing your IP in the packet I think. Someone can clarify that?

    hope this help

  3. #3
    Senior Member Wazz's Avatar
    Join Date
    Apr 2003
    Use a would simply need to configure it to "look" like a Windows box......
    "It is a shame that stupidity is not painful" - Anton LaVey

  4. #4
    you got any good honey pot links
    Signature image is too tall!

  5. #5 is a good start.
    Search for Honeypot and Honeynet on goole and on this forum, you'll fin usefull information.

  6. #6
    Junior Member
    Join Date
    Aug 2003
    A Tarpit would be even better. Not only does it simulate a box, it traps the attackers connection.


  7. #7
    Senior Member
    Join Date
    Jan 2002
    Or, for extra special value, run a Windows install inside vmware (or NT4 in bochs if you're very patient), and set it up really insecure.

    Firewall it (on the Linux box) so that it can't be used for egress, and watch as they own it and believe they've won


  8. #8
    rebmeM roineS enilnOitnA steve.milner's Avatar
    Join Date
    Jul 2003
    What you could do is use portsentry to to detect any scans at all, and then use iptables and mirror so that in the wargames anyone that tries to attack your box ends up attacking themselves.

    Look here for details :

    and here for the use of mirror

    If your are intrerested and want more details, drop me a PM

    IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire.

  9. #9
    Senior Member Wazz's Avatar
    Join Date
    Apr 2003
    That's a sweet one slarty!
    "It is a shame that stupidity is not painful" - Anton LaVey

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts